Evenata Posted December 1, 2009 Report Share Posted December 1, 2009 Please help me, i've tried everything, from port forwarding, changing configurations and redownloading torrents to check. But i keep getting the red sign and this message " A socket operation was attempted to reach an unreachable host " . ALL peer exchange, DHT and local peer discovery are not allowed. This has never happened to me before, it suddenly became like that. I used to be able to download torrents/ upload but now i can't! I keep getting the red arrow. Will a kind soul please help! I'll upload my hijack this and explorer processes.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:47:03 PM, on 12/1/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:D:\WINDOWS\System32\smss.exeD:\WINDOWS\system32\winlogon.exeD:\WINDOWS\system32\services.exeD:\WINDOWS\system32\lsass.exeD:\WINDOWS\system32\nvsvc32.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\System32\svchost.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\system32\spoolsv.exeD:\WINDOWS\Explorer.EXED:\Program Files\Common Files\InstallShield\UpdateService\issch.exeD:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeD:\WINDOWS\RTHDCPL.EXED:\Program Files\SingTel\McciTrayApp.exeD:\Program Files\HP\HP Software Update\HPWuSchd2.exeD:\Program Files\iTunes\iTunesHelper.exeD:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exeD:\Program Files\Cyberlink\Shared Files\brs.exeD:\Program Files\Java\jre6\bin\jusched.exeD:\WINDOWS\system32\RUNDLL32.EXED:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exeD:\WINDOWS\system32\ctfmon.exeD:\Program Files\DAEMON Tools Pro\DTProAgent.exeD:\Program Files\Messenger\msmsgs.exeD:\Documents and Settings\Owner\Local Settings\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exeD:\Program Files\Pando Networks\Media Booster\PMB.exeD:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeD:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exeD:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeD:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeD:\Program Files\Bonjour\mDNSResponder.exeD:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeD:\WINDOWS\system32\svchost.exeD:\Program Files\Java\jre6\bin\jqs.exeD:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeD:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeD:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exeD:\Program Files\Common Files\Motive\McciCMService.exeD:\WINDOWS\System32\svchost.exeC:\Defragmenter\PDAgent.exeD:\WINDOWS\System32\svchost.exeD:\WINDOWS\system32\PnkBstrA.exeD:\WINDOWS\system32\svchost.exeD:\Program Files\iPod\bin\iPodService.exeC:\Defragmenter\PDEngine.exeD:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeD:\Program Files\HP\Digital Imaging\bin\hpqbam08.exeD:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exeD:\Program Files\Internet Explorer\iexplore.exeD:\Program Files\Internet Explorer\iexplore.exeC:\Anime\Orbitdownloader\orbitdm.exeC:\Anime\Orbitdownloader\orbitnet.exeD:\Program Files\uTorrent\uTorrent.exeC:\Games\Cloud Nine\CloudNineLauncher.exeD:\Program Files\Internet Explorer\iexplore.exeD:\Program Files\Internet Explorer\iexplore.exeD:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\H110KD6V\HijackThis[1].exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.singnet.com.sg:8080R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local;<local>O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Anime\Orbitdownloader\orbitcth.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {07799F5D-4C0A-44A3-8DCA-17A507707784} - (no file)O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - (no file)O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: (no name) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - (no file)O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLLO2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLLO3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Anime\Orbitdownloader\GrabPro.dllO4 - HKLM\..\Run: [iMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [JMB36X IDE Setup] D:\WINDOWS\RaidTool\xInsIDE.exeO4 - HKLM\..\Run: [36X Raid Configurer] "D:\WINDOWS\system32\xRaidSetup.exe" bootO4 - HKLM\..\Run: [NeroFilterCheck] "D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"O4 - HKLM\..\Run: [razertra] "D:\Program Files\Razer\razertra.exe"O4 - HKLM\..\Run: [OSSelectorReinstall] "D:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe"O4 - HKLM\..\Run: [iSUSPM Startup] D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startupO4 - HKLM\..\Run: [iSUSScheduler] "D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [symantec PIF AlertEng] "D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [AVP] "D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"O4 - HKLM\..\Run: [singTel_McciTrayApp] D:\Program Files\SingTel\McciTrayApp.exeO4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exeO4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttrayO4 - HKLM\..\Run: [RemoteControl9] "D:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "D:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"O4 - HKLM\..\Run: [bDRegion] D:\Program Files\Cyberlink\Shared Files\brs.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottimeO4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\Program Files\DAEMON Tools Pro\DTProAgent.exe"O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [Octoshape Streaming Services] "D:\Documents and Settings\Owner\Local Settings\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrunO4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exeO4 - Startup: Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: DualCoreCenter.lnk = D:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exeO4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeO4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXEO8 - Extra context menu item: &Download by Orbit - res://C:\Anime\Orbitdownloader\orbitmxt.dll/201O8 - Extra context menu item: &Grab video by Orbit - res://C:\Anime\Orbitdownloader\orbitmxt.dll/204O8 - Extra context menu item: Add to Banner Ad Blocker - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htmO8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Anime\Orbitdownloader\orbitmxt.dll/203O8 - Extra context menu item: Down&load all by Orbit - res://C:\Anime\Orbitdownloader\orbitmxt.dll/202O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dllO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exeO16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cabO16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cabO16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cabO16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cabO16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {D79AF61B-3D57-416F-97B7-D01B0C219CB7} (LSWebManager Control) - http://www.lostsaga.com/common/cab/LSWebManager.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - AppInit_DLLs: kafmkv.dll,D:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,D:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,D:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dllO23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exeO23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exeO23 - Service: EpsonBidirectionalService - Unknown owner - D:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exeO23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - D:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEO23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)O23 - Service: LiveUpdate Notice Service - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeO23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: McciCMService - Motive Communications, Inc. - D:\Program Files\Common Files\Motive\McciCMService.exeO23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - D:\WINDOWS\system32\GameMon.des.exe (file missing)O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exeO23 - Service: PDAgent - Raxco Software, Inc. - C:\Defragmenter\PDAgent.exeO23 - Service: PDEngine - Raxco Software, Inc. - C:\Defragmenter\PDEngine.exeO23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe--End of file - 14696 bytes--------------SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.5512Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.5834SETUPAPI.dll Windows Setup API Microsoft Corporation 5.1.2600.5512SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.2900.5622shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.5512SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.2900.5512sortkey.nls sorttbls.nls unicode.nls USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.1.2600.5512USERENV.dll Userenv Microsoft Corporation 5.1.2600.5512USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.5512uTorrent.exe µTorrent BitTorrent, Inc. 1.8.5.17414uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.2900.5512VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.5512WINSTA.dll Winstation Library Microsoft Corporation 5.1.2600.5512WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.5512WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.5512WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.1.2600.5512wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.5512WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.1.2600.5512thanks in advance Link to comment Share on other sites More sharing options...
GTHK Posted December 1, 2009 Report Share Posted December 1, 2009 Did you have a norton product installed at one point? It looks like you did but it left some garbage. Try using an openoffice torrent, remove all Kaspersky rules and make brand new ones, and if you had any of the products listed on this page run the tool to clean up: http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039 Link to comment Share on other sites More sharing options...
Evenata Posted December 2, 2009 Author Report Share Posted December 2, 2009 it still doesn't work. my router is 2710HGV-E btw, and my ISP should be singtel.. if this additional information helps. Link to comment Share on other sites More sharing options...
Switeck Posted December 4, 2009 Report Share Posted December 4, 2009 SingTel may be to blame:http://forum.utorrent.com/viewtopic.php?id=58465http://forum.utorrent.com/viewtopic.php?id=62174 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.