I seem to have a recurring malware on my system. Quicky Plaeyr, it gives me a runtime error 53 on start up. I got rid of it a few weeks back, but its come back again. Running vista 64bit. Web browsing will suddenly stop forcing me to run a winsock reset to get it back. The PC has become somewhat sluggish and despite diabling log in I keep having to type in my password to start Vista. Its fairly important that I don't have to re install, as I really don't have the time at the moment, and really need to use the PC for work.
I run Nod32 and CCleaner, as well as MalwareBytes.
I have followed the 8 steps, scanned with Malwarebytes twice this is the first log. I've also scanned and cleaned with CCleaner several times removed p2p program, and disabled nod32.
Malwarebytes' Anti-Malware 1.36
Database version: 2128
Windows 6.0.6001 Service Pack 1
21/05/2009 3:45:19 PM
mbam-log-2009-05-21 (15-45-19).txt
Scan type: Quick Scan
Objects scanned: 76986
Time elapsed: 5 minute(s), 22 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 6
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\QuickyPlaeyrSoft (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Winupdate (Spyware.Passwords) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Winupdate (Spyware.Passwords) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickyPlaeyr (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Files Infected:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickyPlaeyr\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\is-Z3E92.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
I run Nod32 and CCleaner, as well as MalwareBytes.
I have followed the 8 steps, scanned with Malwarebytes twice this is the first log. I've also scanned and cleaned with CCleaner several times removed p2p program, and disabled nod32.
Malwarebytes' Anti-Malware 1.36
Database version: 2128
Windows 6.0.6001 Service Pack 1
21/05/2009 3:45:19 PM
mbam-log-2009-05-21 (15-45-19).txt
Scan type: Quick Scan
Objects scanned: 76986
Time elapsed: 5 minute(s), 22 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 6
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\QuickyPlaeyrSoft (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Winupdate (Spyware.Passwords) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Winupdate (Spyware.Passwords) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickyPlaeyr (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Files Infected:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickyPlaeyr\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\is-Z3E92.exe (Spyware.Passwords) -> Quarantined and deleted successfully.