TechSpot

Unable to access the Internet - 8 step guide followed

By Peter Spoors
Oct 14, 2010
  1. Hi guys

    During internet use this morning my laptop stopped connecting, I suspect a virus. I am only managing this by using my (v slow) dongle. Any help gratefully received. Attached are the logs asked for in the 8 step guide.

    Thanks

    Pete S
     

    Attached Files:

  2. Broni

    Broni Malware Annihilator Posts: 52,890   +344

  3. Peter Spoors

    Peter Spoors TS Rookie Topic Starter

    Broni

    Apologies for missing that.

    Hope the following can shed some light on my problem:


    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4821

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    14/10/2010 14:10:57
    mbam-log-2010-10-14 (14-10-57).txt

    Scan type: Quick scan
    Objects scanned: 146942
    Time elapsed: 3 minute(s), 46 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\$Recycle.Bin\S-1-5-21-2436487371-1068290825-1627760966-1003\$RAREXIK.exe (Antivirus.Action) -> Quarantined and deleted successfully.

    The DDS log is:



    DDS (Ver_10-10-10.03) - NTFS_AMD64
    Run by Peter at 16:56:32.04 on 14/10/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Professional 6.1.7600.0.1252.44.1033.18.3758.2141 [GMT 1:00]


    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
    C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
    C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Care\VCSpt.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
    C:\Program Files\Apoint\ApMsgFwd.exe
    C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    C:\Program Files (x86)\AVG\AVG9\avgtray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
    C:\Program Files\Apoint\Apvfb.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Sony\VAIO Care\VCsystray.exe
    C:\Program Files (x86)\Orange Mobile Partner\Orange Mobile Partner.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Peter\Desktop\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S4F87.tmp" /EF "HKCU"
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    uRun: [inhwgxuo] C:\Users\Peter\AppData\Local\Temp\mdqfmlpvv\nyavhoxyhsn.exe
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    StartupFolder: C:\Users\Peter\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NIKONM~1.LNK - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    StartupFolder: C:\Users\Peter\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    TCP: {CEF8AD6C-9D7D-41D2-9B61-739B4154A2F6} = 193.36.79.100 193.36.79.101
    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Notify: VESWinlogon - VESWinlogon.dll
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
    BHO-X64: Windows Live Family Safety Browser Helper - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    mRun-x64: [Apoint] %ProgramFiles%\Apoint\Apoint.exe
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
    mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    AppInit_DLLs-X64: avgrssta.dll

    ============= SERVICES / DRIVERS ===============

    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-1-20 55280]
    R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2010-6-17 269904]
    R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2010-6-17 35536]
    R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2010-6-17 317520]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
    R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-7-15 308136]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-25 13336]
    R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2009-12-25 93696]
    R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2009-12-25 75776]
    R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-9-27 257936]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-25 2320920]
    R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-9-16 845312]
    R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-12-25 52264]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-12-25 35104]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-12-25 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-12-25 151936]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-6-17 244736]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2009-12-25 11392]
    R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-20 571248]
    R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-1-20 1223024]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-12-25 395264]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-20 133104]
    S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-6-17 430152]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-1-20 61280]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-8-5 704864]
    S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
    S3 TVICHW64;TVICHW64;C:\Windows\System32\drivers\TVicHW64.sys [2010-8-28 21200]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-8 1255736]

    =============== Created Last 30 ================

    2010-10-14 12:17:48 -------- d-----w- C:\Users\Peter\AppData\Roaming\Malwarebytes
    2010-10-14 12:17:37 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2010-10-14 12:17:36 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2010-10-14 12:17:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2010-10-14 12:17:36 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2010-10-01 01:26:06 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
    2010-10-01 01:26:06 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
    2010-10-01 00:13:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-10-01 00:13:46 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-09-30 20:11:35 13312 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
    2010-09-30 20:11:35 13312 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
    2010-09-26 21:09:17 -------- d-----r- C:\Program Files (x86)\Skype
    2010-09-22 17:10:52 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
    2010-09-16 06:59:28 558592 ----a-w- C:\Windows\System32\spoolsv.exe

    ==================== Find3M ====================

    2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
    2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
    2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
    2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
    2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
    2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
    2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
    2010-08-28 11:26:20 21200 ----a-w- C:\Windows\System32\drivers\TVicHW64.sys
    2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll
    2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
    2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
    2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
    2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
    2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
    2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
    2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
    2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
    2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
    2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
    2010-07-29 06:30:34 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll
    2010-07-17 04:00:04 423656 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    ============= FINISH: 16:56:49.25 ===============

    The attach.txt log is:



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-10.03)

    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 31/03/2010 14:04:07
    System Uptime: 14/10/2010 14:25:08 (2 hours ago)

    Motherboard: Sony Corporation | | VAIO
    Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | N/A | 2133/133mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 290 GiB total, 223.18 GiB free.
    D: is Removable
    E: is CDROM ()
    F: is Removable
    G: is CDROM (CDFS)
    H: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP71: 26/09/2010 12:33:25 - Avg Update
    RP72: 26/09/2010 12:34:12 - Avg Update
    RP73: 27/09/2010 12:41:06 - Removed VAIO Care
    RP74: 27/09/2010 12:41:42 - Installed VAIO Care
    RP75: 01/10/2010 02:25:53 - Windows Update
    RP76: 02/10/2010 17:14:41 - Windows Update
    RP77: 04/10/2010 06:32:39 - Windows Update
    RP78: 11/10/2010 00:23:00 - Avg Update
    RP79: 11/10/2010 03:00:02 - Windows Update
    RP80: 14/10/2010 08:52:04 - Windows Update
    RP81: 14/10/2010 09:37:32 - Windows Update
    RP82: 14/10/2010 09:42:15 - VAIO Care Automatic Restore Point
    RP83: 14/10/2010 09:44:17 - Windows Update
    RP84: 14/10/2010 09:44:34 - Windows Update
    RP85: 14/10/2010 09:45:41 - Windows Update
    RP86: 14/10/2010 09:47:14 - Windows Update
    RP87: 14/10/2010 09:47:26 - Windows Update
    RP88: 14/10/2010 09:58:25 - Windows Update
    RP89: 14/10/2010 14:24:07 - Windows Update

    ==== Installed Programs ======================


    2007 Microsoft Office system
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.0
    Aerodata Quantum+ (1024x768 Resolution)
    ArcSoft WebCam Companion 3
    AVG Free 9.0
    Business Contact Manager for Outlook 2007 SP2
    CCleaner
    GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    Intel(R) Control Center
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    Java Auto Updater
    Java(TM) 6 Update 21
    Junk Mail filter update
    Malwarebytes' Anti-Malware
    Microsoft Access 2000 Runtime
    Microsoft Choice Guard
    Microsoft Office 2003 Web Components
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Hybrid 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business Connectivity Components
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    Microsoft SQL Server Setup Support Files (English)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nikon Message Center
    Nikon Transfer
    Norton Online Backup
    Orange Mobile Partner
    Picture Control Utility
    QuickTime
    Realtek High Definition Audio Driver
    Roxio Central Audio
    Roxio Central Copy
    Roxio Central Core
    Roxio Central Data
    Roxio Central Tools
    Roxio Easy Media Creator 10 LJ
    Roxio Easy Media Creator Home
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office Outlook 2007 (KB2288953)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office Publisher 2007 (KB982124)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Setting Utility Series
    Skype Toolbars
    Skype™ 4.2
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (kb2410711)
    VAIO Care
    VAIO Control Center
    VAIO Data Restore Tool
    VAIO Event Service
    VAIO Gate
    VAIO Gate Default
    VAIO Hardware Diagnostics
    VAIO Marketing Tools
    VAIO Power Management
    VAIO Premium Partners
    VAIO Quick Web Access
    VAIO screensaver
    VAIO Smart Network
    VAIO Transfer Support
    VAIO Update
    VAIO Wallpaper Contents
    ViewNX
    Visual C++ 8.0 Runtime Setup Package (x64)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer

    ==== Event Viewer Messages From Past Week ========

    14/10/2010 14:25:39, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
    14/10/2010 14:24:25, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2160841).
    14/10/2010 12:35:01, Error: Service Control Manager [7031] - The AVG Free WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

    ==== End Of File ===========================

    Finally the gmer log:

    GMER 1.0.15.15315 - http://www.gmer.net
    Rootkit scan 2010-10-14 14:53:44
    Windows 6.1.7600
    Running: 5kzvz4x6.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27b49
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\2c8158b99e4d
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313f8f8c0
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27b49 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\2c8158b99e4d (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313f8f8c0 (not active ControlSet)

    ---- EOF - GMER 1.0.15 ----

    Hope I got it right this time & someone can help.

    Pete S
     
  4. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    I need more info here.
    What do you mean by a dongle? Some wireless adapter?
    Wireless works, but wired connection doesn't, or....?
     
  5. Peter Spoors

    Peter Spoors TS Rookie Topic Starter

    Broni

    I usually use my laptop wireless via a router in the house. When I'm away at work I use a 'dongle' a USB device enabling connection to mobile broadband. Since the normal wireless connection from my laptop failed the only way I found of connecting to the Internet was by using the 'dongle' in the house. This is much slower than normal broadband so loading the requested items took quite some time. Hopefully you now have some more clues but of course you can ask any more questions for information.

    Pete S
     
  6. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    We'll run more checks, but I want you to see, if you're able to use the following:

    - regular wireless in Safe Mode with Networking
    - hardwired connection in Normal Mode
    - hardwired connection in Safe Mode with Networking

    I also want to know, how did you establish, there was no connection.
    Your browser won't display any page?
    Did you try another browser?
    Did you try "ping" command to see, if your connection is really lost?
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...