
Author Topic: Viruses preventing internet access  (Read 4307 times)


keithll


    Viruses preventing internet access
    « on: October 29, 2009, 10:59:11 AM »
    I recently started using a laptop that had not accessed the internet for a number of years and now have multiple viruses and malware.

    I am unable to access the internet.

    I followed your very useful guide and ran all of the programmes that you recommended, although I was not able to verify the version of Java.

    However here are 3 logs that you asked for.

    I hope that you can help

    Many thanks

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:46:34, on 29/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\Program Files\AVG\AVG9\avgam.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
    C:\WINDOWS\system32\ICO.EXE
    C:\Program Files\Apoint\Apntex.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Program Files\Sony\HotKey Utility\HKserv.exe
    C:\PROGRA~1\AVG\AVG9\avgtray.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\PowerPanel\Program\PcfMgr.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Sony\HotKey Utility\HKWnd.exe
    C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.sony-europe.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.sony-europe.com/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
    O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Internet Security Service] msq23.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Tjii321] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fjidg.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [XP HOT Rebild] Win15763.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agent] msngear.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: PowerPanel.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
    O15 - Trusted Zone: *.Sony-europe.com
    O15 - Trusted Zone: *.Sonystyle-europe.com
    O15 - Trusted Zone: *.Vaio-link.com
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NET Service - Unknown owner - C:\WINDOWS\wmssvc.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

    --
    End of file - 6648 bytes

    Malwarebytes' Anti-Malware 1.41
    Database version: 2775
    Windows 5.1.2600 Service Pack 3

    29/10/2009 13:24:22
    mbam-log-2009-10-29 (13-24-22).txt

    Scan type: Quick Scan
    Objects scanned: 91082
    Time elapsed: 15 minute(s), 41 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 153
    Registry Values Infected: 16
    Registry Data Items Infected: 3
    Folders Infected: 1
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSWindows (Worm.Allaple) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg515-k641-55sf-n66p (Worm.AutoRun) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tjii321 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Security Service (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Security Service (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Local Security Authority Service (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Logon Application (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Network Firewall (Trojan.Proxy) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Internet Security Service (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WaitToKillServiceT (Malware.Trace) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556 (TrojanProxy.Slenugga) -> Quarantined and deleted successfully.

    Files Infected:
    C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\Desktop.ini (TrojanProxy.Slenugga) -> Quarantined and deleted successfully.

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 10/29/2009 at 12:34 PM

    Application Version : 4.29.1004

    Core Rules Database Version : 4162
    Trace Rules Database Version: 1978

    Scan type       : Complete Scan
    Total Scan Time : 01:45:56

    Memory items scanned      : 446
    Memory threats detected   : 0
    Registry items scanned    : 6793
    Registry threats detected : 1
    File items scanned        : 30415
    File threats detected     : 2

    Trojan.SpooISV
       HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Spooler SubSystem App [ C:\WINDOWS\System32\spooIsv.exe ]

    Trojan.Agent/Gen-IRCBot
       C:\SYSTEM VOLUME INFORMATION\_RESTORE{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034712.EXE
       C:\SYSTEM VOLUME INFORMATION\_RESTORE{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034752.EXE

    harry 48



    Re: Viruses preventing internet access
    « Reply #1 on: October 31, 2009, 03:10:33 PM »
    Re-run the malware and post a clean log.

    SuperDave

    • Malware Removal Specialist
    • Moderator


    Re: Viruses preventing internet access
    « Reply #2 on: October 31, 2009, 04:41:54 PM »
    Malwarebytes' Anti-Malware (MBAM)

    If you already have Malwarebytes be sure to check for updates before scanning!

    You are running an older version. The newest one should be database 3070

    keithll

      Topic Starter


      Newbie

      Re: Viruses preventing internet access
      « Reply #3 on: November 01, 2009, 10:13:17 AM »
      Thank you for the responses.

      Unfortunately, because I cannot access the internet I am unable to download updates to the 2 software packages.

      I have run both again, plus HiJack This and the 3 log files are below.

      SUPERAntiSpyware Scan Log
      http://www.superantispyware.com

      Generated 11/01/2009 at 02:12 PM

      Application Version : 4.29.1004

      Core Rules Database Version : 4162
      Trace Rules Database Version: 1978

      Scan type       : Quick Scan
      Total Scan Time : 01:04:22

      Memory items scanned      : 405
      Memory threats detected   : 0
      Registry items scanned    : 387
      Registry threats detected : 0
      File items scanned        : 8404
      File threats detected     : 0

      Malwarebytes' Anti-Malware 1.41
      Database version: 2775
      Windows 5.1.2600 Service Pack 3

      01/11/2009 16:54:48
      mbam-log-2009-11-01 (16-54-48).txt

      Scan type: Full Scan (C:\|D:\|)
      Objects scanned: 217638
      Time elapsed: 3 hour(s), 4 minute(s), 24 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 1

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      C:\System Volume Information\_restore{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034685.exe (Backdoor.Rbot) -> Quarantined and deleted successfully.


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 16:56:50, on 01/11/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\AVG\AVG9\avgchsvx.exe
      C:\Program Files\AVG\AVG9\avgrsx.exe
      C:\Program Files\AVG\AVG9\avgcsrvx.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Apoint\Apoint.exe
      C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
      C:\WINDOWS\system32\ICO.EXE
      C:\WINDOWS\System32\ezSP_Px.exe
      C:\Program Files\Sony\HotKey Utility\HKserv.exe
      C:\PROGRA~1\AVG\AVG9\avgtray.exe
      C:\Program Files\Apoint\Apntex.exe
      C:\Program Files\Sony\HotKey Utility\HKWnd.exe
      C:\Program Files\AVG\AVG9\avgwdsvc.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\Program Files\Orange Mobile Partner\Orange Mobile Partner.exe
      C:\Program Files\PowerPanel\Program\PcfMgr.exe
      C:\Program Files\AVG\AVG9\avgam.exe
      C:\Program Files\AVG\AVG9\avgnsx.exe
      C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.sony-europe.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.sony-europe.com/
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
      O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
      O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
      O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
      O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe
      O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
      O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
      O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [Internet Security Service] msq23.exe (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [Tjii321] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fjidg.exe (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [XP HOT Rebild] Win15763.exe (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agent] msngear.exe (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'Default user')
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: PowerPanel.lnk = ?
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
      O15 - Trusted Zone: *.Sony-europe.com
      O15 - Trusted Zone: *.Sonystyle-europe.com
      O15 - Trusted Zone: *.Vaio-link.com
      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
      O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: NET Service - Unknown owner - C:\WINDOWS\wmssvc.exe (file missing)
      O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

      --
      End of file - 6040 bytes