Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problems with: Web browsers, Internet, Search engines, antivirus softw

Started by ciregno , Apr 15 2009 09:52 PM

  • This topic is locked This topic is locked

#16
fenzodahl512
Posted 17 April 2009 - 07:03 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan
    Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic



How's the computer now? :)
  • 0

Advertisements

#17
ciregno
Posted 17 April 2009 - 09:14 PM

ciregno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
My computer isn't as slow, but my internet still randomly crashes and the browsers stop working. The internet usually stops working around after an hour or 2. The scan is taking too long and the scan can't complete because the internet randomly crashes. I've attempted scanning my comp twice with the scanner provided and my internet stops working mid scan. Also, is my Sophos supposed to stay on during the scan or am I supposed to disable it? I get a lot of notifications from Sophos when the scan is running about files being infected and deleted.

The only way for the internet to work is if I restart my computer. I can't disable the connection because then I won't be able to enable it for some reason.

I will keep trying to scan the computer and hope that it completes before the internet crashes.
  • 0

#18
fenzodahl512
Posted 17 April 2009 - 09:22 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Do a fullscan with your Sophos Antivirus and disinfect/remove everything that it find..

I'm not familiar with Sophos product but if you can get a log of it after the scan, please post it here.. It would be very useful

Please report here what Sophos find and does it successfully disinfect/remove them :)
  • 0

#19
ciregno
Posted 18 April 2009 - 12:06 AM

ciregno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=4018 (20090418)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=c833bd5724e7504490e5a2033eb80b2a
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2009-04-18 05:55:10
# local_time=2009-04-18 01:55:10 (-0500, Eastern Daylight Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 3
# scanned=470452
# found=0
# scan_time=9506

the eset scanner worked and picked up nothing. internet has yet to crash so far. sophos can update. although clicking on a link on google will bring me to another webpage that is completely unrelated to the website that i clicked on.
  • 0

#20
fenzodahl512
Posted 18 April 2009 - 12:59 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Please download GooredFix and save it to your Desktop. Double-click Goored.exe to run it. Select 1. Find Goored (no fix) by typing 1 and pressing Enter. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt). Note: Do not run Option #2 yet.
  • 0

#21
ciregno
Posted 18 April 2009 - 08:12 AM

ciregno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
GooredFix v1.92 by jpshortstuff
Log created at 10:11 on 18/04/2009 running Option #1 (Eric Ong)
Firefox version 3.0.8 (en-US)

=====Suspect Goored Entries=====

C:\Program Files\Mozilla Firefox\extensions\{D98D96C5-5526-4F4B-9833-8EF0D46D29F3}

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\mozilla firefox 3.0.8\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\mozilla firefox 3.0.8\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"
  • 0

#22
fenzodahl512
Posted 18 April 2009 - 11:34 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Please double-click Goored.exe on your Desktop to run it. Select 2. Fix Goored by typing 2 and pressing Enter. Make sure all instances of Firefox are closed at this point. Type y at the prompt and press Enter again. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt).


Reboot your computer.. How's it now? :)
  • 0

#23
ciregno
Posted 18 April 2009 - 03:56 PM

ciregno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
GooredFix v1.92 by jpshortstuff
Log created at 17:43 on 18/04/2009 running Option #2 (Eric Ong)
Firefox version 3.0.8 (en-US)

=====Goored Deletions=====
C:\Program Files\Mozilla Firefox\extensions\{D98D96C5-5526-4F4B-9833-8EF0D46D29F3}
->Backing up folder... Done.
->Emptying folder... Done.
->Deleting folder... Done.

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\mozilla firefox 3.0.8\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\mozilla firefox 3.0.8\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"

start up of my computer is still slow, but everything seems to be running smoother after windows is done starting up. internet seems fine so far, but it's too early to tell since it would stop working after 2 hrs or so. will keep you posted. i still randomly get redirected to websites though on google, but it's rare now. THANKS for all the help thus far! you've been a great help. how many more steps is there usually?

Edited by ciregno, 18 April 2009 - 03:57 PM.

  • 0

#24
fenzodahl512
Posted 18 April 2009 - 07:47 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts

how many more steps is there usually?


Should be almost finish by now.. Just use the computer for a couple of days then report back to me if you encounter any issues.. :)
  • 0

#25
ciregno
Posted 18 April 2009 - 07:57 PM

ciregno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
my internet died on me again. it just stopped working. is there any way to stop this? im tired of restarting my comp. :)

Edited by ciregno, 18 April 2009 - 07:57 PM.

  • 0

Advertisements

#26
fenzodahl512
Posted 18 April 2009 - 08:05 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Reboot your computer and do below...

Please download RUNSCANNER to your desktop and run it.
  • When the first page comes up select Beginner Mode
  • On the next page select Save a binary .Run file (Recommended) then click Start full scan at the top.
  • At this time Runscanner.exe may request access to the Internet through your firewall please allow it to do so, it will then run for two or three minutes.
  • It will then ask you to save two files, the .run file and the log. Save both of them in your Desktop.
  • You will see the .run file on your desktop. Please zip the .run file and attach it in your next reply

Then upload that as an attachment in your next post.
  • 0

#27
ciregno
Posted 18 April 2009 - 08:18 PM

ciregno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
my sophos can't update either anymore... grr.
  • 0

#28
ciregno
Posted 18 April 2009 - 08:29 PM

ciregno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Runscanner logfile

* = signed file
- = file not found

General info
------------
Computer name : ADMINISTRATOR
Creation time : 4/18/2009 10:24:40 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.5730.11
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 3
RunScanner Version : 1.8.0.0
User Language : English (United States)
User rights : Administrator
Windows folder : C:\WINDOWS

Running processes
-----------------
* C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
* C:\Program Files\AIM6\aim6.exe (AOL LLC)
* C:\Program Files\AIM6\aolsoftware.exe (AOL LLC)
* C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
* C:\WINDOWS\System32\alg.exe (Microsoft Corporation)
* C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (Sony Ericsson Mobile Communications AB)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\dllhost.exe (Microsoft Corporation)
C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
* C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
C:\Program Files\Common Files\Teleca Shared\Generic.exe (Teleca AB)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
* C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
* C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
* C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
* C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
C:\WINDOWS\system32\LVComsX.exe (Logitech Inc.)
* C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
* C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
* C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
* C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
* C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
* C:\WINDOWS\system32\mqsvc.exe (Microsoft Corporation)
* C:\WINDOWS\system32\SearchIndexer.exe (Microsoft Corporation)
* C:\WINDOWS\system32\msdtc.exe (Microsoft Corporation)
* C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
* C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
C:\Program Files\Logitech\Video\FxSvr2.exe (Logitech Inc.)
* C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
* C:\Documents and Settings\Eric Ong\Desktop\RunScanner.exe (Runscanner.net)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
* C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
C:\Program Files\Vongo\VongoService.exe (Starz Entertainment Group LLC)
* C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
* C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* C:\WINDOWS\system32\mqtgsvc.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)

Unrated items
-------------
002 C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
002 * C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
002 C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
002 C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
002 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
002 C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
002 C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
002 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
002 C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
002 C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
002 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
002 * C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
003 * C:\Program Files\AIM6\aim6.exe (AOL LLC)
003 C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
003 C:\Program Files\Tunebite\tunebite.exe (RapidSolution Software AG)
004 C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
004 C:\Program Files\ERUNT\AUTOBACK.EXE
004 * C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
004 C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
005 C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
005 C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
005 C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
010 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe (AddFiltr)
010 C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe LM Service)
010 * C:\WINDOWS\system32\services.exe (Event Log)
010 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (hpqwmiex)
010 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (InstallDriver Table Manager)
010 C:\Program Files\Common Files\LightScribe\LSSrvc.exe (LightScribeService Direct Disc Labeling Service)
010 * C:\WINDOWS\system32\services.exe (Plug and Play)
010 C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Anti-Virus)
010 C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Anti-Virus status reporter)
010 C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos AutoUpdate Service)
010 C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Manager Service)
010 C:\Program Files\Vongo\VongoService.exe (Vongo Service)
011 * C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR ASPI Filter Driver)
011 C:\WINDOWS\system32\DRIVERS\mhndrv.sys (MHN driver)
011 C:\WINDOWS\system32\drivers\pfc.sys (Padus ASPI Shell)
011 C:\WINDOWS\System32\Drivers\PxHelp20.sys (PxHelp20)
011 * C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys (SAVOnAccessControl)
011 * C:\WINDOWS\system32\DRIVERS\savonaccessfilter.sys (SAVOnAccessFilter)
011 * C:\WINDOWS\system32\DRIVERS\s616bus.sys (Sony Ericsson Device 616 driver (WDM))
011 * C:\WINDOWS\system32\DRIVERS\s616nd5.sys (Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS))
011 * C:\WINDOWS\system32\DRIVERS\s616unic.sys (Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM))
011 * C:\WINDOWS\system32\DRIVERS\s616mgmt.sys (Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM))
011 * C:\WINDOWS\system32\DRIVERS\s616mdm.sys (Sony Ericsson Device 616 USB WMC Modem Driver)
011 * C:\WINDOWS\system32\DRIVERS\s616mdfl.sys (Sony Ericsson Device 616 USB WMC Modem Filter)
011 * C:\WINDOWS\system32\DRIVERS\s616obex.sys (Sony Ericsson Device 616 USB WMC OBEX Interface)
011 C:\WINDOWS\system32\DRIVERS\w600bus.sys (Sony Ericsson W600 driver (WDM))
011 C:\WINDOWS\system32\DRIVERS\w600mgmt.sys (Sony Ericsson W600 USB WMC Device Management Drivers)
011 C:\WINDOWS\system32\DRIVERS\w600mdm.sys (Sony Ericsson W600 USB WMC Modem Drivers)
011 C:\WINDOWS\system32\DRIVERS\w600mdfl.sys (Sony Ericsson W600 USB WMC Modem Filter)
011 C:\WINDOWS\system32\DRIVERS\w600obex.sys (Sony Ericsson W600 USB WMC OBEX Interface Drivers)
011 C:\WINDOWS\system32\drivers\tbhsd.sys (Tunebite High-Speed Dubbing)
011 C:\WINDOWS\System32\Drivers\btwusb.sys (WIDCOMM USB Bluetooth Driver)
030 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {733AC4CB-F1A4-11d0-B951-00A0C90312E1}
045 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {0E5CBF21-D15F-11D0-8301-00AA005B4383}
050 * C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) {AEB6717E-7E19-11d0-97EE-00C04FD91972}
052 GUID / CLSID not found {A8F38D8D-E480-4D52-B7A2-731BB6995FDD}
052 C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) {dbc80044-a445-435b-bc74-9c25c1c588a9}
052 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) {e7e6f031-17ce-4c07-bc86-eabfe594f69c}
052 C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc) {39ea7695-b3f2-4c44-a4bc-297ada8fd235}
060 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {fbeb8a05-beee-4442-804e-409d6c4515e9}
060 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {7849596a-48ea-486e-8937-a2a3009f31a9}
061 C:\WINDOWS\system32\nvshell.dll {1CDB2949-8F65-4355-8456-263E7C208A5D}
061 C:\WINDOWS\system32\nvshell.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A47}
061 C:\Program Files\Logitech\Video\Namespc2.dll (Logitech Inc.) {400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}
061 C:\WINDOWS\system32\nvshell.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
061 * C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc.) {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
061 C:\WINDOWS\system32\ShellvRTF.dll (XSS) {7F67036B-66F1-411A-AD85-759FB9C5B0DB}
061 C:\Program Files\Sony Ericsson\Mobile2\File Manager\FM.dll (Popwire AB) {03DAACC5-10BA-4E3E-9D54-2A569F6B4B87}
061 C:\Program Files\Sony Ericsson\Mobile2\File Manager\FM.dll (Popwire AB) {738D66C6-0149-4D40-84E4-A7BB2D0CE949}
061 C:\Program Files\Sophos\Sophos Anti-Virus\SavShellExt.dll (Sophos Plc) {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
062 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
062 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {24F14F01-7B1C-11d1-838f-0000F80461CF}
062 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {24F14F02-7B1C-11d1-838f-0000F80461CF}
062 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {66742402-F9B9-11D1-A202-0000F81FEDEE}
064 * C:\WINDOWS\system32\advapi32.dll (Microsoft Corporation)
064 * C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
100 ShellNext HKCU : http://ie.redirect.h...a...n&pf=laptop
100 Start Page HKCU : http://ie.redirect.h...a...n&pf=laptop
102 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
104 C:\WINDOWS\system32\ONLINE~1.OCX (Eset) {56762DEC-6B0D-4AB4-A8AD-989993B5D08B}
104 C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll (Sun Microsystems, Inc.) {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
105 E&xport to Microsoft Excel :
170 {d5553175-ee43-11dc-8bfe-0016369fcbdc} : "G:\Install FreeAgent Tools.exe" /run
173 GUID / CLSID not found
173 C:\Program Files\MyPhoneExplorer\DLL\ShellMgr.dll (F.J. Wechselberger) {6863F1C7-E13A-481E-BF9C-5C8F01AF74E5}
173 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
173 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
173 C:\Program Files\Sophos\Sophos Anti-Virus\SavShellExt.dll (Sophos Plc) {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}
173 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Start Menu Pin
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 GUID / CLSID not found
221 C:\Program Files\MyPhoneExplorer\DLL\ShellMgr.dll (F.J. Wechselberger) {6863F1C7-E13A-481E-BF9C-5C8F01AF74E5}
221 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
221 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
221 C:\Program Files\Sophos\Sophos Anti-Virus\SavShellExt.dll (Sophos Plc) {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}
221 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Start Menu Pin
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {7BA4C740-9E81-11CF-99D3-00AA004AE837}
225 C:\Program Files\Sophos\Sophos Anti-Virus\SavShellExt.dll (Sophos Plc) {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}
225 C:\Program Files\Sophos\Sophos Anti-Virus\SavShellExt.dll (Sophos Plc) {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found
227 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
227 C:\Program Files\Sophos\Sophos Anti-Virus\SavShellExt.dll (Sophos Plc) {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
229 C:\WINDOWS\system32\nvshell.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
229 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {D969A300-E7FF-11d0-A93B-00A0C90F2719}
231 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info
231 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
231 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
231 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
231 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
253 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
254 * C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) {217FC9C0-3AEA-1069-A2DB-08002B30309D}

Missing files
-------------
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 c:\windows\system32\DRIVERS\UIUSYS.SYS
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20061113.031\symidsco.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys

Attached Files


  • 0

#29
fenzodahl512
Posted 18 April 2009 - 08:51 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Erm.. your RunScanner log is good to me.. Lets do this...


The steps that I am about to suggest involve modifying the registry. Modfying the registry can be dangerous so we will make a backup of the registry first.
Modification of the registry can be EXTREMELY dangerous if you do not know exactly what you are doing so follow the steps that are listed below EXACTLY. if you cannot perform some of these steps or if you have ANY questions please ask BEFORE proceeding.

Backing Up Your Registry
  • Go HERE and download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.

For detailed instruction on how to back-up registry via ERUNT, please visit HERE




Please download WinsockXPFix from HERE.
  • Double-click on WinsockXPFix and click on Fix
It will ask you to restart your computer in attempt to fix the internet connection. Please do so..


Now, do you get the internet connection now? :)
  • 0

#30
ciregno
Posted 18 April 2009 - 09:50 PM

ciregno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
before i do this, it's odd because my internet connection just failed completely not so long ago and didn't work at all after restart. as of right now it's working perfectly fine and my sophos was updated. but within this past hour, i've had to restart my computer a total of 6 times just to get the internet to work because it kept crashing after a short duration of time. i tried to repair the connection and it failed to renew my IP. i dont know if this is the virus or if its my drivers?? this just seems odd to me. all my roommates are on the schools network and their internet has been completely fine.

Edited by ciregno, 18 April 2009 - 09:50 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP