0

Hi there,

Could you please take a look at my log file as I am having trouble opening certain websites.

Thanks!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:02:12 AM, on 25/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Weatherzone Tracker\weather_tracker.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Remote\SimHID.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Owner\Desktop\HiJackThis.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMServer - SMServer - C:\Windows\system32\snmvtsvc.exe

--
End of file - 2447 bytes

4
Contributors
39
Replies
40
Views
8 Years
Discussion Span
Last Post by caveman20
0

That is an incomplete log. You need to post the entire log, not just the beginning and the end. We can tell nothing from this at all.
Also, what websites are you unable to see? Do you get an error message when this happens or just "This page cannot be viewed"
How long has this been happening? Have you installed anything new or Uninstalled anything lately?
From what little you have posted I see TWO anti-virus programs running, Avast and Symantec/Norton. This is an absolute no-no. Only ONE anti-virus program should be on the computer.

0

Thank you for replying. Please be patient with me as this is my first go on the forums. There are 2 websites that I cant get into it but I use to be able to. They are www.christianforumsite.com and www.talkjesus.com

When I try to go into them it says waiting atthe bottom but then comes up with the page cannot be viewed. I have also tried using Firefox and Opera but I am having the same problem.

Here is another hijack this log. Thanks again for your help. Also I do use Avast as my antivirus and I didnt know I had another one on here. Can you tell me the best way to get rid of it?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:29:58 PM, on 26/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Weatherzone Tracker\weather_tracker.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Remote\SimHID.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Owner\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.victorianfootballleague.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.au.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ycomp/defaults/su/*http://au.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Weather Tracker3] C:\Program Files\Weatherzone Tracker\weather_tracker.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~4.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://funschool.kaboose.com/fun-blaster/extreme-sports/games/game-superbike-gp.html"
O4 - Startup: SimHID.exe.lnk = C:\Program Files\Remote\SimHID.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
O16 - DPF: {9CA74596-B5BB-4634-971C-F0224115A15F} (tcast control) - http://nba.tom.com/video/tcastV1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMServer - SMServer - C:\Windows\system32\snmvtsvc.exe

--
End of file - 13793 bytes

0

Please be patient with me as this is my first go on the forums.

First of all to Uninstall that Symantec/Norton program go to Start, Control Panel, Add/Remove. Uninstall all listings with either Symantec or Norton listed. There will be several, including LiveUpdate.
If you get a message you have to reboot, please do so.
After the uninstalls are complete then do a file search on the computer, Start, Search, Files and Folders, and look first for Symantec. Allow the search to complete and then delete all that is found. Next do the same thing for Norton, delete everything found.
Reboot the computer.

I had no trouble doing so with either IE or Firefox. You may have too many temp files or an overloaded browser cache.

Next do the following:
Please Download ATF-Cleaner.exe by Atribune
Save it to your desktop for easy access. This simple program is used to remove temp files from the computer and clearing the browser caches, which may be stopping you from accessing the websites.

RUN ATF-Cleaner.exe.

-- Click on ATF-Cleaner to run it
-- Where it says Select Files To Delete, Check the Select All Option
-- Click Empty Selected > OK

If you use Firefox browser, do this also:

* Click Firefox at the top and choose Select All from the list.
* Click the Empty Selected button.
* NOTE : If you would like to keep your saved passwords, click No at the prompt.

If you use Opera browser, do this also:

* Click Opera at the top and choose Select All from the list.
* Click the Empty Selected button.
* NOTE : If you would like to keep your saved passwords, click No at the prompt.

Click Exit on the Main menu to close the program.
Now see if you can access the websites. It also could be that both web sites were very busy at the time you tried to access them.
Post back here and let us know if you were able to access them.
Judy

0

I have followed all those steps but I am still not able to access those websites. I have been trying for over a week with no luck.

Thanks again for your help with this.

0

Are you certain you have not blocked these sites with your firewall or possibly changed the security settings in your browsers?
You followed all the steps I gave you including uninstalling the extra anti virus program?

0

Yes I uninstalled all the symantec and norton programs. I also downloaded the ATF cleaner.

These websites use to work fine and I have no idea what has happened as I havent changed any settings. Can you please advise me on what to do next?

Thanks for your help!

0

This is the latest hijack this log if this helps.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:30:33 PM, on 26/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\System32\wpcumi.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Weatherzone Tracker\weather_tracker.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Remote\SimHID.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Owner\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.victorianfootballleague.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.au.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ycomp/defaults/su/*http://au.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Weather Tracker3] C:\Program Files\Weatherzone Tracker\weather_tracker.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~4.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://funschool.kaboose.com/fun-blaster/extreme-sports/games/game-superbike-gp.html"
O4 - Startup: SimHID.exe.lnk = C:\Program Files\Remote\SimHID.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
O16 - DPF: {9CA74596-B5BB-4634-971C-F0224115A15F} (tcast control) - http://nba.tom.com/video/tcastV1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMServer - SMServer - C:\Windows\system32\snmvtsvc.exe

--
End of file - 12342 bytes

0

Thanks!

I just tried your suggestion but I still cant access those websites.

What is our next plan of attack?

0

Can you please do the following.

===============

Can you disable Windows Defender as it may interfere with the removal process. Please leave it disabled until your PC has been given the all clear.

  • Open Windows Defender
  • Click Tools
  • Click General Settings
  • Scroll down to Real Time Protection Options
  • Uncheck Turn on Real Time Protection (recommended)
  • After you uncheck this, click on the Save button
  • Close Windows Defender

===============

Programs like SUPERAntiSpyware, may interfere with the following fix, so we need to temporarily disable it.

  • Right-click on the SUPERAntiSpyware icon in the system tray.
  • Choose View Control Center... "Preferences/options" button/tab.
  • On the General and Startup...tab, uncheck, "Start SUPERAntiSpyware when Windows starts"
  • click Close to exit.

Don't forget to enable your SUPERAntiSpyware protection, when your computer is clean.


===============

Scan with HijackThis and then place a check next to all the following, if present:


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O13 - Gopher Prefix:

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...tup1.0.1.1.cab


Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".

===============

To help protect your system from hostile ActiveX content, or special 'downloadable' files:

Download, install and keep updated, SpywareBlaster. If you've installed it for the first time:

1) Check for any available updates; if present, they'll be automatically downloaded and installed.
2) Next, "Enable all protection".
3) Exit the program.

-

Note: Remember to regularly check for updates.

===============

After rebooting, rescan with hijackthis and post back a new log.

==

Try typing the following in one at a time, hitting enter or go after each.

147.202.66.19

147.202.66.3

0

Thanks again. Here is my hijack this log. I tried typing in the numbers for the websites but no luck.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:00:52 PM, on 26/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Weatherzone Tracker\weather_tracker.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Remote\SimHID.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Users\Owner\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.victorianfootballleague.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.au.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ycomp/defaults/su/*http://au.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Weather Tracker3] C:\Program Files\Weatherzone Tracker\weather_tracker.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~4.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://funschool.kaboose.com/fun-blaster/extreme-sports/games/game-superbike-gp.html"
O4 - Startup: SimHID.exe.lnk = C:\Program Files\Remote\SimHID.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
O16 - DPF: {9CA74596-B5BB-4634-971C-F0224115A15F} (tcast control) - http://nba.tom.com/video/tcastV1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMServer - SMServer - C:\Windows\system32\snmvtsvc.exe

--
End of file - 11897 bytes

0

Try this;

1. Click the Start logo in the bottom left corner of the screen
2. Click All Programs
3. Click Accessories
4. RIGHT-click on Command Prompt
5. Select Run As Administrator
6. In the command window type the following and then hit enter: ipconfig /flushdns
7. You should see the following confirmation:

Windows IP Configuration
Successfully flushed the DNS Resolver Cache.

Reboot the pc and try those sites again.

0

This is driving me crazy. I flushed the dns like you said but I still cant get onto those websites. Thank you so much for your patience and persisting with this probem.

0

Have you deleted all your cookies?

Please download ComboFix by sUBs from HERE or HERE

  • You must download it to and run it from your Desktop
  • Physically disconnect from the internet.
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  • Double click combofix.exe & follow the prompts.
  • When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log
  • Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!

0

ComboFix 09-07-25.04 - Owner 26/07/2009 21:43.1.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.61.1033.18.3071.2015 [GMT 10:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-3897057312-1790061679-3163123038-500
c:\users\Owner\AppData\Local\Temp\mProjector3565698728\File.3.1.1e.mfx
c:\users\Owner\AppData\Local\Temp\mProjector3565698728\Flash6MovieV2.3.1.1e.mvx
c:\users\Owner\AppData\Local\Temp\mProjector3565698728\FlashPlayer.3.1.1e.ocx
c:\users\Owner\AppData\Local\Temp\mProjector3565698728\mPlayer.3.1.1e.dll
c:\users\Owner\AppData\Local\Temp\mProjector3565698728\Registry.3.1.1e.mfx
c:\users\Owner\AppData\Local\Temp\mProjector3565698728\System.3.1.1e.mfx
c:\users\Owner\AppData\Local\Temp\ppcrlui_1736_2
c:\users\Owner\AppData\Roaming\inst.exe
c:\windows\Installer\2efcd.msi

.
((((((((((((((((((((((((( Files Created from 2009-06-26 to 2009-07-26 )))))))))))))))))))))))))))))))
.

2009-07-26 11:49 . 2009-07-26 11:51 -------- d-----w- c:\users\Owner\AppData\Local\temp
2009-07-26 11:49 . 2009-07-26 11:49 -------- d-----w- c:\users\Topp-Lowe Family\AppData\Local\temp
2009-07-26 09:54 . 2009-07-26 09:54 -------- d-----w- c:\program files\SpywareBlaster
2009-07-24 09:24 . 2009-07-24 09:24 -------- d-----w- c:\program files\Eureka
2009-07-22 07:40 . 2009-02-05 22:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-07-22 07:40 . 2009-02-05 22:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-07-22 07:40 . 2009-02-05 22:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-07-22 07:40 . 2009-02-05 22:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-07-22 07:40 . 2009-02-05 22:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-07-22 07:40 . 2009-02-05 22:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-07-22 07:40 . 2009-02-05 22:06 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-07-22 06:18 . 2009-07-26 09:05 117760 ----a-w- c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-07-22 06:17 . 2009-07-22 06:17 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-07-22 06:17 . 2009-07-22 06:17 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-07-22 06:17 . 2009-07-22 06:17 -------- d-----w- c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2009-07-22 06:16 . 2009-07-22 06:16 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-21 12:00 . 2009-07-21 12:00 -------- d-----w- c:\users\Owner\AppData\Local\Opera
2009-07-21 11:59 . 2009-07-21 11:59 -------- d-----w- c:\program files\Opera
2009-07-20 03:47 . 2009-07-20 03:47 529224 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-07-18 08:34 . 1994-03-23 14:00 17424 ----a-w- c:\windows\system\MSAJT112.DLL
2009-07-18 08:34 . 1998-09-29 01:48 29457 ----a-w- c:\windows\SETUP1.EXE
2009-07-18 08:34 . 1994-04-04 14:00 994496 ----a-w- c:\windows\system\MSAJT200.DLL
2009-07-18 08:34 . 1994-03-23 14:00 95200 ----a-w- c:\windows\system\VBDB300.DLL
2009-07-18 08:34 . 1993-05-11 14:00 398416 ----a-w- c:\windows\system\VBRUN300.DLL
2009-07-18 08:34 . 1993-04-27 14:00 7008 ----a-w- c:\windows\system\SETUPKIT.DLL
2009-07-16 10:32 . 2009-07-21 09:23 -------- d-----w- C:\simsoc
2009-07-15 08:58 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-15 08:58 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-15 08:58 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-15 08:58 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-12 08:18 . 2009-07-12 08:18 -------- d-----w- c:\program files\CCleaner
2009-07-10 05:49 . 2009-07-10 05:49 -------- d-----w- C:\cm0102
2009-07-04 04:46 . 2009-07-04 04:47 -------- d-----w- c:\program files\Dvd-cloner
2009-07-03 22:23 . 2009-07-03 22:43 -------- d-----w- C:\tipping
2009-07-03 22:20 . 2009-07-03 22:20 -------- d-----w- c:\program files\Wests
2009-07-02 08:37 . 1996-11-07 14:17 721168 ----a-w- c:\windows\system32\VB40032.DLL
2009-07-02 08:37 . 1996-11-07 14:17 721168 ----a-w- c:\windows\system\VB40032.DLL
2009-07-01 10:42 . 2009-05-28 04:57 245760 ----a-w- c:\windows\system32\snmvtsvc.exe
2009-07-01 10:42 . 2009-05-28 03:18 3768 ----a-w- c:\windows\system32\SndTVideo.sys
2009-07-01 10:42 . 2009-05-28 03:18 10936 ----a-w- c:\windows\system32\SndTVideo.dll
2009-07-01 10:42 . 2009-05-28 03:18 23096 ----a-w- c:\windows\system32\SndTAudio.sys
2009-07-01 10:42 . 2009-05-28 03:18 23096 ----a-w- c:\windows\system32\drivers\SndTAudio.sys
2009-07-01 10:42 . 2009-07-01 10:44 -------- d-----w- c:\program files\SoundTaxi
2009-07-01 10:40 . 2009-07-01 10:48 -------- d-----w- c:\users\Owner\AppData\Roaming\GetRightToGo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-26 11:50 . 2008-06-03 13:23 1849 --sha-w- c:\windows\system32\mmf.sys
2009-07-26 11:49 . 2008-07-08 09:51 12 ----a-w- c:\windows\bthservsdp.dat
2009-07-26 03:56 . 2008-01-11 21:31 -------- d-----w- c:\programdata\Symantec
2009-07-26 03:56 . 2008-01-11 21:31 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-25 11:41 . 2008-04-08 05:38 -------- d-----w- c:\users\Owner\AppData\Roaming\Vso
2009-07-24 10:25 . 2008-08-02 06:33 -------- d-----w- c:\users\Owner\AppData\Roaming\SPORE Creature Creator
2009-07-24 09:24 . 2008-01-11 21:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-22 22:55 . 2008-03-20 03:11 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-21 08:51 . 2008-03-20 05:28 -------- d-----w- c:\program files\Java
2009-07-20 23:58 . 2009-03-12 08:40 -------- d-----w- c:\users\Owner\AppData\Roaming\uTorrent
2009-07-20 02:01 . 2008-05-06 01:43 -------- d-----w- c:\users\Owner\AppData\Roaming\dvdcss
2009-07-19 13:08 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-14 12:27 . 2008-01-11 21:59 -------- d-----w- c:\program files\Acer GameZone
2009-07-14 12:26 . 2009-05-30 12:39 -------- d-----w- c:\program files\Champfoot
2009-07-10 22:01 . 2008-04-04 22:51 737280 ----a-w- c:\windows\iun6002.exe
2009-06-23 04:33 . 2008-01-11 21:43 -------- d-----w- c:\program files\Microsoft Works
2009-06-22 05:57 . 2009-04-10 07:39 -------- d-----w- c:\program files\Premiership Coach 2009 Beta
2009-05-30 10:46 . 2009-05-30 10:46 -------- d-----w- c:\program files\Add-in Express
2009-05-23 01:47 . 2008-07-13 22:44 7484 ----a-w- c:\users\Topp-Lowe Family\AppData\Local\d3d9caps.dat
2009-05-21 01:33 . 2008-12-23 21:08 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-09 05:50 . 2009-06-10 00:44 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 00:44 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-01 23:21 . 2008-12-23 22:55 34 ----a-w- c:\users\Owner\jagex_runescape_preferences.dat
2009-04-30 12:37 . 2009-06-13 23:11 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-04-30 12:37 . 2009-06-13 23:11 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-04-30 08:46 . 2008-04-12 11:06 7484 ----a-w- c:\users\Owner\AppData\Local\d3d9caps.dat
2009-03-26 19:11 . 2009-04-11 07:20 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-02 151552]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Weather Tracker3"="c:\program files\Weatherzone Tracker\weather_tracker.exe" [2008-05-16 2955790]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-03-21 171448]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-09-08 326176]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-26 457216]
"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2007-06-22 204908]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-02-02 630784]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-02 151552]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"PCMService"="c:\program files\CyberLink\PowerCinema\PCMService.exe" [2007-07-30 159744]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-15 185896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-12-01 77824]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-23 4423680]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2006-11-23 1822720]

c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SimHID.exe.lnk - c:\program files\Remote\SimHID.exe [2007-6-8 421888]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2007-12-12 3746856]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-1-12 535336]
Run Registration Tool.lnk - c:\program files\WiFiConnector\NintendoWFCReg.exe [2008-9-13 1175552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 02:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{DF7C9F42-CACD-4E5C-806A-0562E2A60005}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{EA2C4483-B0EA-48C4-A484-4606129DC6AB}"= c:\program files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD
"{BD1684E1-2CC4-458A-968A-9BF8E76B0732}"= c:\program files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician
"{FFF688B2-D5C1-4A63-8334-BDDC6DF058B4}"= c:\program files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine
"{D253EE75-B279-46FA-93DB-C8CC75CD065B}"= c:\program files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia
"{7C3A77F8-1845-4A44-8CAC-4519DBC127A3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{D7C82072-7F23-4860-8765-82F0A7D07D54}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service
"{A07B61CC-723A-4129-91EA-8C7048450DD9}"= c:\program files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician
"{67D23609-9811-4761-BABC-8F29F3F083BE}"= c:\program files\CyberLink\PowerCinema\PowerCinema.exe:CyberLink PowerCinema
"{02DFF5F9-F6BE-4BF5-85EB-F101C0BE4717}"= c:\program files\CyberLink\PowerCinema\PCMService.exe:CyberLink PowerCinema Resident Program
"{E609FC2B-BDD9-4D48-885B-CDAE5E0A914F}"= c:\program files\CyberLink\PowerCinema\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{AF4CE03B-5EE0-4550-8A72-7ACA7DF245D5}"= c:\program files\CyberLink\PowerCinema\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{12B600CA-412B-4717-9BDB-5B880480F670}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{9B3AA868-E481-405B-ADB1-023C7DA62997}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F360D00D-9659-4933-B274-D35F3679A452}"= c:\program files\WiFiConnector\NintendoWFCReg.exe:Nintendo Wi-Fi USB Connector
"{53A1679C-5815-49F7-9E93-085FD10CB234}"= UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{CFF35687-60A5-4CA9-96F0-25E87ABE026F}"= TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{DB3E54CF-69F2-4CF5-8C75-147473053DB7}"= Disabled:UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{6160A417-5A7D-48CF-974D-32EB5268A9C9}"= Disabled:TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{DBF00271-5C9A-4746-AF62-1AAB352AA6E3}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{4F5D5F13-7BC9-4345-99F8-FB4DC0D4855B}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{2A57C81E-DDD3-45B5-9A2A-F52BF020D89C}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{573D2040-3CD8-41C7-8B7C-5B6584EAACEA}c:\\program files\\filezilla ftp client\\filezilla.exe"= UDP:c:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
"UDP Query User{4EDC5A3C-E041-41A4-84DF-CDAE04125604}c:\\program files\\filezilla ftp client\\filezilla.exe"= TCP:c:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
"TCP Query User{94053E91-A7F3-4411-9269-2FE4D4D5DCA0}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{29B95ED3-F4B6-468C-8275-3203E94D15C9}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"TCP Query User{0A9F2701-E627-4AC9-8848-2F2041002B1C}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{12D42416-C22E-41DA-99A2-3297C3CAF5AA}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{7AF3E522-956F-43BE-AF2E-95D733E1EF4B}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{D22000F4-3084-402D-940D-7CBE81E61E5D}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{38640E8E-2E33-4D11-985D-E786CA37CBF7}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{957B4EFE-F844-4399-99E5-B2177D44296F}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{E261A066-68D7-41DE-8FD3-5A3D09182CF7}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{482EA3E6-FAD1-4558-92E2-110676D5BF14}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [22/07/2009 5:40 PM 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/06/2009 11:01 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23/06/2009 11:01 AM 72944]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [12/01/2008 7:57 AM 269448]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [22/07/2009 5:40 PM 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [22/07/2009 5:40 PM 51792]
R2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [3/06/2008 11:23 PM 2560]
R3 SndTAudio;SndTAudio;c:\windows\System32\drivers\SndTAudio.sys [1/07/2009 8:42 PM 23096]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [14/03/2009 2:45 PM 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [6/02/2009 5:08 PM 533360]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23/06/2009 11:01 AM 7408]
S3 SMServer;SMServer;c:\windows\System32\snmvtsvc.exe [1/07/2009 8:42 PM 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe
HKCU-RunOnce-Shockwave Updater - c:\windows\System32\Adobe\SHOCKW~1\SWHELP~4.EXE -Update -1103470 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET
HKLM-Run-Apanel - c:\acersw\config\NewSetApanel.cmd
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.victorianfootballleague.com.au/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://en.au.acer.yahoo.com
uSearchURL,(Default) = hxxp://au.rd.yahoo.com/customize/ycomp/defaults/su/*http://au.yahoo.com
LSP: c:\windows\system32\wpclsp.dll
DPF: {9CA74596-B5BB-4634-971C-F0224115A15F} - hxxp://nba.tom.com/video/tcastV1.cab
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\xfu0enjy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.victorianfootballleague.com.au/
FF - plugin: c:\program files\Java\jre1.5.0_12\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_12\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_12\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_12\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_12\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_12\bin\NPJPI150_12.dll
FF - plugin: c:\program files\Java\jre1.5.0_12\bin\NPOJI610.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\MYMPC\Rpplugins\nppl3260.dll
FF - plugin: c:\program files\MYMPC\Rpplugins\npqtplugin.dll
FF - plugin: c:\program files\MYMPC\Rpplugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-26 21:51
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3897057312-1790061679-3163123038-1000\Software\SecuROM\License information*]
"datasecu"=hex:09,9a,80,f3,94,10,2f,97,e4,d2,77,3f,9c,23,ac,cd,c4,9b,e3,34,af,
e3,d9,71,e0,e3,de,8e,da,d1,eb,6b,62,35,bc,de,92,2f,a8,27,4f,af,7f,cd,5f,aa,\
"rkeysecu"=hex:fb,82,37,2b,47,7d,ee,4d,4a,7a,23,68,0d,30,45,7b

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \169D180DB7FE8847]
"1"=hex:1a,c6,90,39,73,14,70,4f,c7,99,3b,d6,b3,40,09,16,86,2b,9b,9b,f3,96,a9,
e9
"2"=hex:05,83,26,a9,dc,b6,17,45,de,2e,f0,41,a5,95,91,56,fe,07,ca,23,63,6c,c8,
df,a0,cb,29,a7,07,62,23,54
"3"=hex:1a,c6,90,39,73,14,70,4f,c7,99,3b,d6,b3,40,09,16,39,39,6a,6e,1d,99,29,
0e,9a,9e,61,33,16,37,68,38,ee,25,f6,f1,91,9f,21,a9,58,ec,19,f6,96,30,78,09

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \169D180DB7FE8847\13D3AF07D4AFC792B9BD996AC108D6B5]
"1"=hex:6a,02,e3,17,35,aa,4f,41,58,69,23,a3,81,f4,a8,0e,0a,4e,8a,24,18,b0,7f,
17,12,df,d0,2e,5e,18,49,90,15,18,bd,aa,84,24,4a,2c
"2"=hex:8a,38,16,48,1e,84,02,e7
"3"=hex:42,da,70,4b,dd,08,95,ea,af,03,cc,c7,5a,2c,8c,c6,3d,ba,10,4f,0c,ba,eb,
7a,c8,da,69,de,c7,28,d2,f7,fe,27,98,08,c7,4b,d6,79,20,2c,4d,08,3e,21,7b,62,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:6a,02,e3,17,35,aa,4f,41,58,69,23,a3,81,f4,a8,0e,0a,4e,8a,24,18,b0,7f,
17,12,df,d0,2e,5e,18,49,90,dc,73,88,43,a7,ef,1c,89,82,2c,d3,15,5a,cf,a4,82,\
"7"=hex:1a,c6,90,39,73,14,70,4f,c7,99,3b,d6,b3,40,09,16,5c,6c,8a,b0,95,8d,88,
02,5c,f2,b7,9f,8e,b8,9a,b3,47,aa,06,9a,55,51,85,6f,7c,bd,b8,83,41,dc,29,77,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,91,e8,a9,4b,f4,c5,51,
df,c7,9b,39,cf,09,f9,b0,9b,ad,64,39,7b,c1,66,34,b7,bd,5f,73,03,3f,65,09,a8,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:87,d5,56,ff,14,1b,b1,5f,5b,29,07,35,10,8b,db,7f,33,e0,af,25,fd,5e,9c,
23,07,6f,2f,fa,6d,25,d4,90,88,8e,61,06,f2,21,c5,8f,25,6c,1b,48,9d,c5,55,78,\
"13"=hex:bd,27,ec,f0,7d,20,22,69,63,33,5e,53,fc,60,c8,dc,64,87,c1,9c,58,cb,99,
6a
"14"=hex:0d,7e,11,86,a7,43,bb,80,cb,84,d6,9b,52,2b,0b,b6
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:b5,44,74,28,ef,bb,44,89,e2,99,cc,f3,77,0f,85,61
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:f4,bd,d9,98,23,a4,aa,7c,9d,0c,66,4f,af,0c,e1,00,e4,53,db,0e,a4,27,91,
46,65,d4,4f,b7,38,4d,d6,78,48,00,8a,41,a8,3d,b5,e6,25,2c,1f,33,41,07,a3,a8,\

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \C6F447273BC65EF0]
"1"=hex:af,49,68,4a,a1,03,67,91,19,71,84,cd,48,2c,98,f8,ee,08,c6,eb,cb,98,eb,
30,ad,8c,c5,8a,3e,53,91,13
"2"=hex:58,11,50,42,2e,f2,55,51,6f,f7,9a,ef,6b,f3,36,21,ec,a7,58,e2,e8,c3,4d,
78,80,c1,ec,38,21,d8,13,6c
"3"=hex:af,49,68,4a,a1,03,67,91,19,71,84,cd,48,2c,98,f8,e7,e9,9a,5d,76,44,f3,
e8,cb,fa,f8,8a,c7,df,0f,18,db,65,d2,ff,d4,73,8c,c0,e1,dd,91,71,a1,e6,83,ee,\

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \C6F447273BC65EF0\3BF25C2B28ED7DA2F167FBF897B494F0]
"1"=hex:8c,de,d0,aa,f8,58,db,1b,5a,48,bb,3c,bc,6d,16,45,2e,8a,fd,60,ec,24,08,
4e,c6,d7,65,d0,9f,f1,a6,78,9d,86,02,91,67,eb,01,78,18,c8,5c,1c,43,89,94,b0
"2"=hex:30,58,8e,55,20,73,9f,a1
"3"=hex:81,20,8f,ab,28,6a,52,9c
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:da,dd,13,74,dd,46,90,2c,b4,13,aa,32,f0,b9,86,f0,9c,c3,0c,e5,75,1e,7c,
9a,18,4b,60,3b,4d,c8,93,e8,cd,89,11,03,14,be,9d,dd,f6,b6,6d,d9,44,db,ea,5d,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,bf,0c,1a,52,a6,e7,1b,
f8,8f,ad,2f,ee,2b,2a,17,6b,97,01,da,d6,d5,69,51,39,da,b9,ad,87,18,62,1d,ff,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4524)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Premiership Coach 2009 Beta\Tools\SQL\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\windows\System32\WUDFHost.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\windows\ehome\ehsched.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2009-07-26 21:59 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-26 11:59

Pre-Run: 14,349,586,432 bytes free
Post-Run: 14,179,303,424 bytes free

401 --- E O F --- 2009-07-26 09:57


Here is the hijack this log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:04:25 PM, on 26/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\Explorer.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\Owner\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.victorianfootballleague.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ycomp/defaults/su/*http://au.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Weather Tracker3] C:\Program Files\Weatherzone Tracker\weather_tracker.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: SimHID.exe.lnk = C:\Program Files\Remote\SimHID.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
O16 - DPF: {9CA74596-B5BB-4634-971C-F0224115A15F} (tcast control) - http://nba.tom.com/video/tcastV1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMServer - SMServer - C:\Windows\system32\snmvtsvc.exe

--
End of file - 10500 bytes

0

No the websites still dont work. I tried them in firefox as well.

0

That works! Do I have to contact those websites to unblock me? I have no idea why I am being blocked if that is the case. Upon looking a bit further the websites dont have all the features when I use hidden cloak.

0

There is a chance that the website has blocked an IP range because of spam or whatever.
You need to find out your IP address and then contact the website throughthe proxy and see if they are blocking you.

0

Let's get rid of Combofix now that we are finished with it.


  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the /, it needs to be there.
0

There is a chance that the website has blocked an IP range because of spam or whatever.
You need to find out your IP address and then contact the website throughthe proxy and see if they are blocking you.

How do I do all of this? Can you please assist me?

0

Go to http://whatismyipaddress.com/ and it will display your current IP address. You then need to go to the websites you are having problems with and contact the administrator there and tell them your problem.
Let them know that you are having no problems anywhere else.

Good luck.

0

Thanks for your help. I have sent emails to the administartors and I will let you know how it goes when I hear back from them.

I just hope this works.

0

The administrators both replied and said that my IP address is not being blocked and I should be able to get onto the websites.

I dont know if this will help you but I typed in cmd in the run box and then I typed ping www.christianforumsite.com and www.talkjesus.com and they both comeback straight away with the timed out error.

I look forward to your response because no one seems to be able to fix this.

Thanks again

0

Have you physically checked your Hosts file to make certain that those websites are not in there being re-directed to your own pc?

Are you sure you ran the norton removal tool? Symantec is still showing in your logs.

0

Hi,

When I check the control panel and then add/remove there is nothing under Norton or Symantec. Are there any others I should be look for?

Also I dont know how to look up my host files. Can you explain that to me please?

Thanks

0

My ISP asked me to do a tracert on both websites. I did that and I thought it would be valuable to get your advice. Here are the results.

This is for www.talkjesus.com

1 <1 ms <1 ms <1 ms www.routerlogin.com [10.1.1.1]
2 18 ms 17 ms 17 ms sun800.ba.optusnet.com.au [198.142.129.51]
3 17 ms 17 ms 17 ms sun1-ge0-0.gw.optusnet.com.au
[198.142.144.217]

4 31 ms 30 ms 31 ms mas3-ge2-0-0-811.gw.optusnet.com.au
[211.29.155.
11]
5 179 ms 179 ms 179 ms 203.208.191.5
6 180 ms 181 ms 179 ms ge-4-0-0-0.laxow-dr2.ix.singtel.com
[203.208.149
.34]
7 180 ms 179 ms 202 ms lap-brdr-03.inet.qwest.net [63.146.26.145]
8 231 ms 227 ms 259 ms kcm-core-02.inet.qwest.net [67.14.11.129]
9 237 ms 240 ms 236 ms cdr2-core-01.inet.qwest.net [205.171.5.89]
10 238 ms 238 ms 237 ms cdr2-edge-02.inet.qwest.net [205.171.163.54]
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.

This one is for www.christianforumsite.com


Tracing route to christianforumsite.com [147.202.66.19]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms www.routerlogin.com [10.1.1.1]
2 18 ms 17 ms 17 ms sun800.ba.optusnet.com.au [198.142.129.51]
3 17 ms 17 ms 17 ms sun1-ge0-0.gw.optusnet.com.au
[198.142.144.217]

4 29 ms 29 ms 29 ms mas3-ge2-0-0-811.gw.optusnet.com.au
[211.29.155.
11]
5 180 ms 181 ms 179 ms 203.208.148.97
6 202 ms 181 ms 179 ms lap-brdr-03.inet.qwest.net [63.146.26.149]
7 227 ms 228 ms 227 ms kcm-core-02.inet.qwest.net [67.14.11.129]
8 236 ms 236 ms 236 ms cdr2-core-01.inet.qwest.net [205.171.5.89]
9 238 ms 238 ms 238 ms cdr2-edge-02.inet.qwest.net [205.171.163.54]
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * *


I can see that it is the same address that both websites are timing out on (I have put them in bold).
Can you please help me with what to do next?

Thanks

Brad

0

Hi,

When I check the control panel and then add/remove there is nothing under Norton or Symantec. Are there any others I should be look for?

Also I dont know how to look up my host files. Can you explain that to me please?

Thanks

I gave you a link to a tool that will remove all Symantec entries on your PC in a previous reply.
Did you run it?

Go to http://www.dnsstuff.com/ and in the Traceroute box, type in the problem website.
Come back with the result.

Note that I am not that familiar with this stuff and may not be able go much further with you.

Hosts file has no extension and can be found in the C:\Windows\System32\Drivers\etc folder.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.