
Cannot connect to antivirus web sites


  • This topic is locked
2 replies to this topic

#1 SamikS

  • Members
  • 1 posts

Posted 22 January 2009 - 10:14 PM

Hello:

Hope you guys are doing well.

I purchased Norton Internet Security when (expired) Windows Security Center started giving me warnings about viruses (this was right around the new year). I could not install it because my browsers could not connect to symantec.com. According to Norton support, this is a virus that stops my machine from connecting to antivirus sites, and indeed I cannot connect to Trend or Norton. I tried AVG and Avira; both claimed to have removed viruses, but the problem remains. My PC has also become sluggish and hangs without much rhyme or reason, especially when connected to the internet.

I tried to reimage (a last and unwelcome resort), but when I put in my Dell CD, it said "\i386\halaacpi.dll cannot be loaded; error code 47872."

I'd appreciate any help or pointers. Please see my dds.txt below. I am also attaching attach.txt. Thanks for your time.

Best regards,
Samik

DDS (Ver_09-01-07.01) - NTFSx86
Run by sutapa at 19:46:16.42 on Thu 01/22/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.262 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\UB-VPN\cvpnd.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\wscntfy.exe
c:\windows\explorer.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Garmin\gStart.exe
C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe
C:\Documents and Settings\sutapa\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.gmail.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.dell4me.com/myway
uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mWinlogon: Shell=c:\windows\explorer.exe
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: {549B5CA7-4A86-11D7-A4DF-000874180BB3} - No File
BHO: {605904dd-ad7e-4b41-a61a-20fff8ab0db8} - c:\windows\system32\qoMgdaAR.dll
BHO: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\awtusqOi.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar4.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar4.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.0.0.125\coIEPlg.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [googletalk] "c:\program files\google\google talk\googletalk.exe" /autostart
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [gStart] c:\garmin\gStart.exe
uRun: [Google Update] "c:\documents and settings\sutapa\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [GetModule32] "c:\program files\getmodule\GetModule32.exe"
uRun: [44106873865598877501006931536552] c:\program files\antivirus 2009\av2009.exe
uRun: [ieupdate] "c:\windows\system32\explorer32.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [DVDSentry] c:\windows\system32\DSentry.exe
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [MMTray] c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe
mRun: [EPSON Stylus Photo R200 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MXO Auto Loader] c:\windows\MXOALDR.EXE
mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Lexmark 1200 Series] "c:\program files\lexmark 1200 series\lxczbmgr.exe"
mRun: [Adobe Photo Downloader] "c:\program files\adobe\adobe photoshop lightroom 1.2\apdproxy.exe"
mRun: [MP10_EnsureFileVer] c:\windows\inf\unregmp2.exe /EnsureFileVersions
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [MioNet] c:\program files\mionet\MioNetLauncher.exe /p
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\imagem~1.lnk - c:\program files\pixela\imagemixer3\HDDCameraMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\univer~1.lnk - c:\program files\ub-vpn\vpngui.exe
mPolicies-explorer: <NO NAME> =
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll
Trusted Zone: musicmatch.com
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: awtusqOi - awtusqOi.dll
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: mkkzfk.dll,wohloi.dll,jlutqz.dll,frsqag.dll,eosvvv.dll,assdbw.dll,avgrsstx.dll ypcpms.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\awtusqOi.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\qoMgdaAR

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sutapa\applic~1\mozilla\firefox\profiles\7jlg3wsi.default\

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1000000.07d\SymEFA.sys [2009-1-6 309296]
R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-1-11 11840]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-1-7 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-1-7 26824]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1000000.07d\BHDrvx86.sys [2009-1-6 254512]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1000000.07d\ccHPx86.sys [2009-1-6 362544]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-1-11 52032]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-1-6 99376]
R4 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2009-1-11 68865]
R4 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-1-11 151297]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-1-7 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-1-7 231704]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-7 76040]
R4 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.0.0.125\ccSvcHst.exe [2009-1-6 115560]
S1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20080826.006\IDSxpx86.sys [2009-1-6 274808]
S3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\NAVENG.SYS [2009-1-6 89104]
S3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\NAVEX15.SYS [2009-1-6 873552]
S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2009-1-7 1251720]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2004-7-23 189792]
S4 MioNet;MioNet; [x]
S4 navapsvc;Norton AntiVirus Auto Protect Service;"c:\program files\norton internet security\norton antivirus\navapsvc.exe" --> c:\program files\norton internet security\norton antivirus\navapsvc.exe [?]

=============== Created Last 30 ================

2009-01-12 21:36 129,024 a------- c:\windows\system32\hxwxlfyq.dll
2009-01-12 21:33 1,266,872 ---sh--- c:\windows\system32\bxvvyohm.ini
2009-01-12 21:33 72,704 a------- c:\windows\system32\mhoyvvxb.dll
2009-01-11 18:21 <DIR> --d----- c:\program files\Avira
2009-01-11 18:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-01-07 16:29 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-01-07 16:20 97,928 a------- c:\windows\system32\drivers\avgldx86.sys
2009-01-07 16:20 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-01-07 16:20 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-01-07 16:20 <DIR> --d----- c:\docume~1\sutapa\applic~1\AVGTOOLBAR
2009-01-07 16:19 76,040 a------- c:\windows\system32\drivers\avgtdix.sys
2009-01-07 16:19 <DIR> --d----- c:\program files\AVG
2009-01-07 16:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-01-07 14:12 <DIR> --d----- c:\program files\Norton Security Scan
2009-01-06 23:39 35,888 a----r-- c:\windows\system32\drivers\SymIM.sys
2009-01-06 23:39 124,464 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-06 23:39 60,808 a------- c:\windows\system32\S32EVNT1.DLL
2009-01-06 23:39 10,635 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-06 23:39 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-01-06 23:38 <DIR> --d----- c:\windows\system32\drivers\NIS
2009-01-06 23:38 <DIR> --d----- c:\program files\Norton Internet Security
2009-01-06 23:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Norton
2009-01-06 23:36 <DIR> --d----- c:\program files\NortonInstaller
2009-01-06 23:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NortonInstaller
2009-01-06 22:47 1,320,830 ---sh--- c:\windows\system32\ojbopvky.ini
2009-01-06 22:46 72,704 a------- c:\windows\system32\ykvpobjo.dll
2009-01-06 22:46 129,024 a------- c:\windows\system32\kvxleafv.dll
2009-01-06 11:10 0 a------- c:\windows\system32\mcrh.tmp
2009-01-06 10:43 311,296 a------- c:\windows\system32\winsrc.dll
2009-01-05 19:04 <DIR> --d----- c:\docume~1\sutapa\applic~1\WD
2009-01-05 18:23 1,307,392 ---sh--- c:\windows\system32\rnoqqoub.ini
2009-01-05 18:23 72,704 a------- c:\windows\system32\buoqqonr.dll
2009-01-04 23:44 129,024 a------- c:\windows\system32\ykteofgn.dll
2009-01-04 23:41 1,307,356 ---sh--- c:\windows\system32\blnhsaqk.ini
2009-01-04 20:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MemeoCommon
2009-01-04 20:30 <DIR> --d----- c:\program files\Western Digital
2009-01-04 20:29 <DIR> --d----- c:\program files\MioNet
2009-01-04 20:29 <DIR> --ds---- c:\docume~1\alluse~1\applic~1\WD
2009-01-04 20:28 <DIR> --d----- c:\program files\common files\eSellerate
2009-01-04 20:28 <DIR> --d----- c:\program files\WD
2009-01-04 18:36 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-01-04 18:36 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-04 18:35 21,504 a------- c:\windows\system32\drivers\hidserv.dll
2009-01-03 23:38 129,024 a------- c:\windows\system32\imjuyxnc.dll
2009-01-03 23:38 1,307,356 ---sh--- c:\windows\system32\mtydppss.ini
2009-01-03 23:38 72,704 a------- c:\windows\system32\ssppdytm.dll
2009-01-02 00:45 122,880 a------- c:\windows\system32\ieupdates.exe
2009-01-01 23:37 129,024 a------- c:\windows\system32\dmfmubbt.dll
2009-01-01 23:36 1,755,812 a--sh--- c:\windows\system32\bibrsigg.ini
2009-01-01 23:36 72,704 a------- c:\windows\system32\ggisrbib.dll
2008-12-25 23:03 129,024 a------- c:\windows\system32\cvtcts.dll
2008-12-25 23:03 129,024 a------- c:\windows\system32\xjnwiuty.dll
2008-12-25 22:54 1,755,812 a--sh--- c:\windows\system32\rhcfnehk.ini
2008-12-24 22:55 1,661,209 a--sh--- c:\windows\system32\uyqyfeny.ini
2008-12-24 22:55 72,704 a------- c:\windows\system32\ynefyqyu.dll
2008-12-24 22:51 129,024 a------- c:\windows\system32\wohloi.dll
2008-12-24 22:51 129,024 a------- c:\windows\system32\xgnpfhsi.dll
2008-12-24 11:59 45,056 a------- c:\windows\system32\fccdaXpq.dll

==================== Find3M ====================

2009-01-22 19:46 663,453 a--sh--- c:\windows\system32\RAadgMoq.ini2
2008-12-23 19:01 129,024 a------- c:\windows\system32\opyyuaqu.dll
2008-12-23 19:01 129,024 a------- c:\windows\system32\mkkzfk.dll
2008-12-23 18:58 72,704 a------- c:\windows\system32\uqtvdvhp.dll
2008-12-23 18:49 302,592 a------- c:\windows\system32\qoMgdaAR.dll
2008-12-21 23:36 875,747 a--sh--- c:\windows\system32\MpXbKkkj.ini2
2008-12-21 23:36 72,704 a------- c:\windows\system32\amykripd.dll
2008-12-21 23:27 45,056 a------- c:\windows\system32\xxyxyyyy.dll
2008-12-21 23:27 22,016 a------- c:\windows\system32\digeste.dll
2008-12-16 22:54 246 a------- c:\windows\system32\drivers\atmapi.sys
2008-12-12 12:33 3,060,224 -------- c:\windows\system32\dllcache\mshtml.dll
2008-11-25 22:36 577,536 a------- c:\windows\system32\user32.DLL
2008-11-25 22:36 577,536 a------- c:\windows\system32\dllcache\user32.dll
2008-11-25 22:36 237,568 a------- c:\windows\system32\nvaux32.dll

============= FINISH: 19:49:39.29 ===============


#2 Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts

Posted 01 February 2009 - 12:07 PM

Hi

Sorry for the delayed response, but the forums have been very busy. If you still need help with this, post a fresh DDS report, please.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006

Provided malware removal related instructions are meant to be used in the corresponding user's case only. If you have similar symptoms, create your own topic instead of following instructions given to someone else, please.


#3 Blade81


Posted 06 February 2009 - 01:57 PM

Due to inactivity, this thread will now be closed. If you need this topic reopened, please contact a Staff member. Include the address of this thread in your request. This applies only to the original topic starter. Should you have a new issue, please start a New Topic.
