Bullguard Antivirus Forum Download A Free Copy Of Bullguard Antivirus Software
Free Antivirus Forum - Learn about antivirus, firewalls and personal security Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Wireless Connection down after Trojan
   
BullGuard Antivirus Forum > Virus > Alerts & New Threats > Wireless Connection down after Trojan  
Forum Quick Jump
 
New Topic Locked Topic Printable version of : Wireless Connection down after Trojan
[ << Previous Thread | Next Thread >> ]

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-22-2009 11:38 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
I recently acquired a Trojan and removed it using Malwarebytes. Now I am unable to connect to my wireless network.

My hardware all seems to be in working order but there are 'No wireless networks found in range'

Find below a quick and full scan log from Malwarebytes:

Malwarebytes' Anti-Malware 1.41
Database version: 3012
Windows 5.1.2600 Service Pack 3

22/10/2009 19:03:57
mbam-log-2009-10-22 (19-03-57).txt

Scan type: Quick Scan
Objects scanned: 105265
Time elapsed: 14 minute(s), 36 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
C:\Documents and Settings\Vaio Rock\Local Settings\Temp\a.exe (Trojan.Downloader) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Vaio Rock\Local Settings\Temp\a.exe (Trojan.Downloader) -> Delete on reboot.
C:\Documents and Settings\Vaio Rock\Local Settings\Temp\b.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\RECYCLER\ADAPT_Installer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\E.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

_____________________________________________________________________________________________________________


Malwarebytes' Anti-Malware 1.41
Database version: 3012
Windows 5.1.2600 Service Pack 3

22/10/2009 21:30:33
mbam-log-2009-10-22 (21-30-33).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 202442
Time elapsed: 52 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\System Volume Information\_restore{B998679B-53EC-4073-A4A0-9A1BEFA19454}\RP648\A0065577.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 16754
  		   Posted 10-23-2009 6:05 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
Hello steerock smile
 
 
 
We need to get a comprehensive report of what is present in your system.

Please download DDS: http://download.bleepingcomputer.com/sUBs/dds.scr
 to your Desktop and doubleclick on DDs.scr to run it.
If your security software includes script blocking features, please disable these before you run this utility.
There are details for disabling many programmes [URL="http://www.bleepingcomputer.com/forums/topic114351.html"]Here[/URL]

When the scan has finished, two logs will open.
Copy and paste both reports in this topic.
 
 
The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-23-2009 10:31 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-10-13.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 09/12/2007 14:21:10
System Uptime: 23/10/2009 10:18:54 (0 hours ago)
Processor:         Intel(R) Pentium(R) M processor 1.73GHz | N/A | 1729/133mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 33 GiB total, 7.231 GiB free.
D: is FIXED (NTFS) - 35 GiB total, 10.033 GiB free.
E: is Removable
F: is CDROM (CDFS)
G: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP638: 15/10/2009 10:19:47 - System Checkpoint
RP639: 16/10/2009 10:50:19 - System Checkpoint
RP640: 17/10/2009 03:00:56 - Software Distribution Service 3.0
RP641: 17/10/2009 10:35:02 - Avg8 Update
RP642: 17/10/2009 10:38:14 - Software Distribution Service 3.0
RP643: 18/10/2009 19:05:47 - Software Distribution Service 3.0
RP644: 19/10/2009 17:45:15 - Software Distribution Service 3.0
RP645: 20/10/2009 17:29:10 - Software Distribution Service 3.0
RP646: 20/10/2009 22:50:07 - Software Distribution Service 3.0
RP647: 21/10/2009 17:30:37 - Avg8 Update
RP648: 22/10/2009 03:01:05 - Software Distribution Service 3.0
RP649: 23/10/2009 00:04:48 - Software Distribution Service 3.0
==== Installed Programs ======================
 Leawo Free AVI Converter version  1.4.2.0
µTorrent
Ad-Aware
Adobe Acrobat  7.0 Elements
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Photoshop Elements 3.0
Adobe Premiere Standard
Adobe Reader 7.0.9
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Reader 8.1.6
Adobe Shockwave Player 11.5
Apple Software Update
ASIO4ALL
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
ATK0100 ACPI UTILITY
Audacity 1.3.5 (Unicode)
Audio MP3 Editor 3.80
AutoUpdate
AVG 8.5
AVI DivX MPEG to DVD Converter & Burner Pro 5.1
Bluetooth Stack for Windows by Toshiba
Click to DVD 2.0.03 Menu Data
Click to DVD 2.4.10
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
DeepBurner v1.9.0.228
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DVD Shrink 3.2
DVgate Plus
FL Studio 7
FLAC 1.2.1b (remove only)
Free DVD Decrypter version 1.3
Free DVD Video Burner version 1.1
Free Studio version 4.1
Free Video to DVD Converter version 1.1
Free Video to Mp3 Converter version 3.1
Google Toolbar for Internet Explorer
HDAUDIO SoftV92 Data Fax Modem with SmartCP
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
IL Download Manager
Image Converter 2
Intel(R) PROSet/Wireless Software
InterVideo WinDVD for VAIO
InterVideo WinDVDX
Java(TM) 6 Update 15
Magic ISO Maker v5.4 (build 0255)
Malwarebytes' Anti-Malware
Manic Miner for Windows 3.01
mCore
mDriver
Memory Stick Formatter
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft SQL Server Desktop Engine (VAIO_VEDB)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ Run Time  Lib Setup
Microsoft Works
Microsoft XML Parser
mMHouse
Mozilla Firefox (3.5.3)
mPfMgr
mProSafe
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
mWlsSafe
mXML
MYP2P EPL MEDIA PLAYER
Native Instruments Service Center
Native Instruments Traktor FS 2
neroxml
OpenMG Secure Module 4.2.00
PPStream
QuickTime
RealPlayer
Realtek High Definition Audio Driver
RegScrubXP 3.25
Roxio DigitalMedia Audio
Roxio DigitalMedia Copy
Roxio DigitalMedia Data
SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Setting Utility Series
Sina Web TV
Skype™ 4.1
SonicStage 3.2
SonicStage Mastering Studio 1.4
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Ericsson Bluetooth Remote Control 3.04
Sony MP4 Shared Library
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
SopCast 2.0.4
SoulSeek Client 156c
SoulSeek Client 157 test 12c
Spotify
Stanton ScratchAmp Driver (V1.00)
TVAnts 1.0
TVUPlayer 2.4.7.2
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Update Service
VAIO Control Center
VAIO Edit Components
VAIO Entertainment Platform
VAIO Event Service
VAIO Launcher
VAIO Light Flo Wallpaper
VAIO Media 4.0
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 4.2
VAIO Media Redistribution 4.0
VAIO Media Registration Tool 4.0
VAIO Online Registration (English)
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Motion HD Normal Contents
VAIO Original Screen Saver VAIO Motion HD Wide Contents
VAIO Original Screen Saver VAIO Motion SD Normal Contents
VAIO Original Screen Saver VAIO Motion SD Wide Contents
VAIO Original Screen Saver VAIO Scene HD Normal Contents
VAIO Original Screen Saver VAIO Scene HD Wide Contents
VAIO Original Screen Saver VAIO Scene SD Normal Contents
VAIO Original Screen Saver VAIO Scene SD Wide Contents
VAIO Power Management
VAIO Product Survey
VAIO Update 3
VAIO Zone
VCRedistSetup
Veetle TV 0.9.15
VideoLAN VLC media player 0.8.6e
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VJOcx2.0
VOR
VPS
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinRAR archiver
Wireless LAN Starter
Wireless Switch Setting Utility
Yahoo! Messenger
==== End Of File ===========================
Back to Top
 

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-23-2009 10:31 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
DDS (Ver_09-10-13.01) - NTFSx86
Run by Vaio Rock at 10:27:28.84 on 23/10/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1362 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Stanton\FinalScratch\ScratchAmpControl.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
G:\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/ig?hl=en
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://vcl.vaio.sony.co.jp/eu/PforVAIO.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: H - No File
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No File
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [NordBull] c:\windows\msa.exe
mRun: [Hcontrol] c:\windows\atk0100\Hcontrol.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [SonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
mRun: [ISBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
mRun: [Switcher.exe] c:\program files\sony\wireless switch setting utility\Switcher.exe
mRun: [PDService.exe] c:\program files\utimaco\safeguard privatedisk\pdservice.exe
mRun: [ScratchAmp] c:\program files\stanton\finalscratch\ScratchAmpControl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX1000] c:\windows\vVX1000.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\audiof~1.lnk - c:\program files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Transfer by Image Converter 2 - c:\program files\sony\image converter 2\menu.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\progra~1\yahoo!\messen~1\YPager.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197829727640
DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} - hxxp://dl.uc.sina.com/cab/downloader.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\vaioro~1\applic~1\mozilla\firefox\profiles\1frafsc2.stee rock\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ig?hl=en&source=iglk
FF - prefs.js: keyword.URL - hxxp://uk.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_uk&p=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-15 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-10 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-10 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-10 297752]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1170768]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -svaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -sVAIO_VEDB [?]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-4 118784]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2005-8-4 71961]
S1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys --> c:\windows\system32\drivers\PrivateDiskM.sys [?]
S2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-4 98304]
S2 vvdsvc;VJVodClientServices;c:\windows\system32\svchost.exe -k vvdsvc [2005-8-4 14336]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2009-3-1 16512]
S3 fs2_1394;fs2_1394;c:\windows\system32\drivers\fs2_1394.sys [2007-12-17 71936]
S3 fs2_avs;fs2_avs;c:\windows\system32\drivers\fs2_avs.sys [2007-12-17 24576]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\e.tmp --> c:\windows\system32\E.tmp [?]
S3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [2005-8-5 17251]
S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBlf.SYS [2005-8-5 7520]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.exe -i vaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.EXE -i VAIO_VEDB [?]

=============== Created Last 30 ================

2009-10-23 00:00 268 a---h--- C:\sqmdata04.sqm
2009-10-23 00:00 244 a---h--- C:\sqmnoopt04.sqm
2009-10-22 18:47 <DIR> --d----- c:\docume~1\vaioro~1\applic~1\Malwarebytes
2009-10-22 18:46 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-22 18:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-10-22 18:46 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-10-22 18:46 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-10-22 08:22 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-03 14:49 <DIR> --d----- c:\program files\Veetle
2009-09-29 19:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TVU Networks
2009-09-29 14:58 <DIR> --d----- c:\windows\system32\Adobe
2009-09-28 16:04 <DIR> --d----- C:\DVDVideoSoft

==================== Find3M ====================

2009-09-23 13:55 64,288 a------- c:\windows\system32\drivers\Lbd.sys
2009-09-11 15:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-04 22:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-09-03 10:17 15,688 a------- c:\windows\system32\lsdelete.exe
2009-08-29 08:36 832,512 a------- c:\windows\system32\wininet.dll
2009-08-29 08:36 78,336 a------- c:\windows\system32\ieencode.dll
2009-08-29 08:36 17,408 -------- c:\windows\system32\corpol.dll
2009-08-26 09:00 247,326 a------- c:\windows\system32\strmdll.dll
2009-08-20 19:17 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-05 10:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-04 20:44 2,189,184 a------- c:\windows\system32\ntoskrnl.exe
2009-08-04 15:20 2,066,048 a------- c:\windows\system32\ntkrnlpa.exe
2008-02-22 23:09 340 a------- c:\docume~1\vaioro~1\applic~1\wklnhst.dat
2008-09-28 12:37 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092820080929\index.dat

============= FINISH: 10:28:16.40 ===============
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 16754
  		   Posted 10-23-2009 1:34 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
It looks like you still have some infections ->
 
 
Please download Combofix from:
 http://download.bleepingcomputer.com/sUBs/ComboFix.exe
 
 And save to the desktop.

Close all other browser windows.
 
Double-click on the combofix icon found on your desktop.
 
Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

 When finished, it will produce a logfile located at C:\combofix.txt.
 

Post the contents of that log in your next reply
 
The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-23-2009 2:12 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
Thanks. Will get right on it and post as soon as it's done ;)

Post Edited (steerock) : 23-10-2009 13:13:12 GMT

Back to Top
 

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-23-2009 2:25 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
A pop up said:
This machine does not have 'Microsoft Windows Recovery Console' installed.
To install click YES.  You must have an Internet connection.....
....which I don't so I clicked no and the scan started.  Presume this is OK?
Back to Top
 

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-23-2009 2:35 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
Here goes........

ComboFix 09-10-22.01 - Vaio Rock 23/10/2009 14:23.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1377 [GMT 1:00]
Running from: G:\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-3035643098-62855431-714670690-1003
c:\recycler\S-1-5-21-343818398-2000478354-725345543-1003

.
((((((((((((((((((((((((( Files Created from 2009-09-23 to 2009-10-23 )))))))))))))))))))))))))))))))
.

2009-10-22 17:47 . 2009-10-22 17:47 -------- d-----w- c:\documents and settings\Vaio Rock\Application Data\Malwarebytes
2009-10-22 17:46 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-22 17:46 . 2009-10-22 17:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-22 17:46 . 2009-10-22 17:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-22 17:46 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-22 07:22 . 2009-10-22 07:22 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-03 13:49 . 2009-10-03 13:49 -------- d-----w- c:\program files\Veetle
2009-10-02 14:03 . 2009-10-02 14:03 -------- d-----w- c:\program files\Common Files\Skype
2009-09-29 18:48 . 2009-09-29 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\TVU Networks
2009-09-29 13:58 . 2009-09-29 13:58 -------- d-----w- c:\windows\system32\Adobe
2009-09-28 15:04 . 2009-09-28 15:04 -------- d-----w- C:\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-22 16:38 . 2007-12-09 19:35 -------- d-----w- c:\documents and settings\Vaio Rock\Application Data\uTorrent
2009-10-02 20:18 . 2008-07-23 10:02 -------- d-----w- c:\documents and settings\Vaio Rock\Application Data\Skype
2009-10-02 14:03 . 2007-12-09 14:29 -------- d-----r- c:\program files\Skype
2009-10-02 14:03 . 2008-07-23 10:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-02 12:31 . 2009-01-25 18:14 -------- d-----w- c:\documents and settings\Vaio Rock\Application Data\skypePM
2009-09-30 23:40 . 2008-10-18 00:44 -------- d-----w- c:\documents and settings\Vaio Rock\Application Data\Audacity
2009-09-29 18:48 . 2008-12-06 16:01 -------- d-----w- c:\program files\TVUPlayer
2009-09-23 12:55 . 2009-02-15 22:47 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-18 07:49 . 2008-11-01 20:34 -------- d-----w- c:\program files\Octoshape Streaming Services
2009-09-18 07:21 . 2005-08-05 15:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Corporation
2009-09-17 21:58 . 2005-08-05 15:39 -------- d-----w- c:\program files\Sony
2009-09-17 21:58 . 2005-08-05 09:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-13 19:22 . 2009-09-13 18:59 -------- d-----w- c:\program files\Manic Miner
2009-09-11 14:18 . 2005-08-04 08:58 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-09 16:53 . 2008-06-15 20:17 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-04 21:03 . 2005-08-04 08:58 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 09:17 . 2009-02-16 17:00 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-30 21:58 . 2008-02-15 10:25 -------- d-----w- c:\program files\Image-Line
2009-08-29 14:01 . 2009-08-29 14:01 -------- d-----w- c:\program files\sina
2009-08-29 13:59 . 2009-08-29 13:59 -------- d-----w- c:\program files\MYP2P EPL MEDIA PLAYER
2009-08-29 07:36 . 2005-08-04 08:58 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2005-08-04 08:57 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2005-08-04 08:57 17408 ------w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2005-08-04 08:58 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 18:17 . 2009-03-10 19:34 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-20 18:17 . 2009-03-10 19:34 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-20 18:17 . 2009-03-10 19:34 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-18 13:18 . 2007-12-09 14:23 77000 ----a-w- c:\documents and settings\Vaio Rock\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-05 09:01 . 2005-08-04 08:58 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 19:44 . 2005-08-04 08:58 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 22:59 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2007-08-24 19:52 . 2007-12-23 20:43 300400 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.

------- Sigcheck -------

[7] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[7] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

c:\windows\system32\eventlog.dll ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-09-02 10:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-06 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"="c:\windows\ATK0100\Hcontrol.exe" [2004-07-19 61440]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-02-14 53248]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-05-15 184320]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2005-01-20 167936]
"PDService.exe"="c:\program files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 40960]
"ScratchAmp"="c:\program files\Stanton\FinalScratch\ScratchAmpControl.exe" [2004-11-18 1363968]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-17 2025752]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-10-22 781656]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-03 483328]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\system32\ico.exe [2002-03-14 45056]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-20 18:17 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2005-05-20 16:42 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\PPStream\\PPStream.exe"=
"c:\\Program Files\\PPStream\\PPSAP.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\WINDOWS\\system32\\Nagasoft\\FFVJPlayer.exe"=
"c:\\Program Files\\MYP2P EPL MEDIA PLAYER\\MYP2P EPL MEDIA PLAYER v1.1.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [15/02/2009 23:47 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [10/03/2009 20:34 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [10/03/2009 20:34 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [10/03/2009 20:34 297752]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1170768]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [04/08/2005 09:59 71961]
S1 PrivateDisk;PrivateDisk;c:\windows\system32\Drivers\PrivateDiskM.sys --> c:\windows\system32\Drivers\PrivateDiskM.sys [?]
S2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [04/10/2004 04:47 98304]
S2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [04/10/2004 03:40 118784]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [01/03/2009 01:04 16512]
S3 fs2_1394;fs2_1394;c:\windows\system32\drivers\fs2_1394.sys [17/12/2007 20:58 71936]
S3 fs2_avs;fs2_avs;c:\windows\system32\drivers\fs2_avs.sys [17/12/2007 20:58 24576]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\E.tmp --> c:\windows\system32\E.tmp [?]
S3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [05/08/2005 13:43 17251]
S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBlf.SYS [05/08/2005 13:43 7520]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
.
Contents of the 'Scheduled Tasks' folder

2009-10-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 07:24]

2009-10-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-03-06 c:\windows\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job
- c:\windows\vVX1000.exe [2008-03-06 21:46]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/ig?hl=en
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://vcl.vaio.sony.co.jp/eu/PforVAIO.htm
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Transfer by Image Converter 2 - c:\program files\Sony\Image Converter 2\menu.htm
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} - hxxp://dl.uc.sina.com/cab/downloader.cab
FF - ProfilePath - c:\documents and settings\Vaio Rock\Application Data\Mozilla\Firefox\Profiles\1frafsc2.Stee Rock\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ig?hl=en&source=iglk
FF - prefs.js: keyword.URL - hxxp://uk.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_uk&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

AddRemove-FLAC - c:\program files\FLAC\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-23 14:29
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\E.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1152)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\VESWinlogon.dll

- - - - - - - > 'explorer.exe'(608)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-10-23 14:32
ComboFix-quarantined-files.txt 2009-10-23 13:31

Pre-Run: 7,717,736,448 bytes free
Post-Run: 8,370,118,656 bytes free

- - End Of File - - D1E75104C2CADECA7C37F8B24C93C219
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 16754
  		   Posted 10-25-2009 4:14 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
Clean log. Any improvements ?

Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-25-2009 7:05 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
No, still no wireless connection showing. Is there something glaringly obvious that I'm missing?
Back to Top
 

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-26-2009 11:19 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
After extensive troubleshooting I've been advised to reformat Windows.  I cannot revert to a system restore point.  Is this my only option?
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 16754
  		   Posted 10-28-2009 7:27 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
Try this ->
 
Go to the control panel & select "Administrative Tools".
2. In Administrative Tools, go to "Services".
3. On the Services screen, scroll down until you find "Wireless Zero Configuration".
4. Start this service.
5. Now go to "Network Connections" and right click your wireless adapter icon.
6. I can't remember exactly which tab it is, but find the one where you have the option
to check or uncheck "Use Windows to configure my wireless connections" or something to that effect. Make sure it is checked.

Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

steerock
New Member


Date Joined Nov 2007
Total Posts : 10
  		   Posted 10-28-2009 7:59 (GMT +1)    Quote: Wireless Connection down after TrojanAlert an admin about: Wireless Connection down after Trojan
Tried that and everything else!

Had to use the recovery utility in the end and all is well.

Thanks for your help.
Back to Top
 
New Topic Locked Topic Printable version of : Wireless Connection down after Trojan
 
Forum Information
Currently it is Wednesday, March 17, 2010 9:00 PM (GMT +1)
There are a total of 76.277 posts in 17.610 threads.
In the last 3 days there were 11 new threads and 60 reply posts. View Active Threads
Who's Online
This forum has 31151 registered members. Please welcome our newest member, kas.
35 Guest(s), 1 Registered Member(s) are currently online.  Details
Nadal
5 Latest Threads
Can't perform a full system scan (6)17-03-2010 19:51:51 (booboo1)
Redirect virus - search results cause redirect to ad sites (7)17-03-2010 19:43:46 (kas)
Trojan horse Downloader.Agent2.SNR (0)17-03-2010 19:39:01 (taty03)
Ad.yieldmanager.com problem (6)17-03-2010 19:36:47 (IanR)
Trojan.Generic.KD.4056 (5)17-03-2010 16:20:06 (markusg)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard