Posts Tagged ‘malware’

I received antivirus scan results which I don't understand, can anyone help?

My computer has recently been infected with spyware and a virus which has completely blocked my access to the internet. It removed the address bar from IE, removed Security Center, and does not allow access to the internet. I ran a couple of different antivirus/antispyware programs, including Ad-Aware SE and Avira AntiVirus, which have removed some (if not most) spyware and malware. I have also installed the Mozilla Firefox browser to try to access the internet using a different browser. Still, the connection to the internet is blocked. Most recently an Avast Antivirus scan yielded results which I did not understand. Can anyone help me with this? Scan result: Name of file- D:PRELOADBASE_23.INP242975RUS8.EXE Result- UNABLE TO SCAN:CAB ARCHIVE IS CORRUPTED.

How do I get rid of this virus/spyware/malware?

I had some virus that had all sorts of nasty pop-ups coming up, which I managed to get rid of in safe mode. There is still something that is making a “webpage unavailable while offline” popup appear when I click on Control Panel, My Computer, etc., and it won’t open up the Control Panel or My Computer. Here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:56:03 PM, on 3/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
X:Program FilesAvastaswUpdSv.exe
X:Program FilesAvastashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAnalog DevicesCoresmax4pnp.exe
C:Program FilesJavajre1.6.0_05binjusched.exe
C:Program FilesIntelIntel Application Acceleratoriaanotif.exe
C:WINDOWSsystem32dlatfswctrl.exe
C:Program FilesZuneZuneLauncher.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCreativeShared FilesCamTray.exe
C:WINDOWSsystem32CTsvcCDA.exe
C:Program FilesDigital Line DetectDLG.exe
C:Program FilesIntelIntel Application Acceleratoriaantmon.exe
C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:Program FilesStickiesstickies.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32ZuneBusEnum.exe
X:Program FilesAvastashMaiSv.exe
X:Program FilesAvastashWebSv.exe
C:WINDOWSSystem32svchost.exe
C:Documents and SettingsErikLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsErikLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsErikMy DocumentsDownloadsHiJackThis.exe

R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&continue=http%3A%2F%2Fgmail.google.com%2Fgmail
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 – URLSearchHook: (no name) – {4D25F926-B9FE-4682-BF72-8AB8210D6D75} – (no file)
O4 – HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe
O4 – HKLM..Run: [SunJavaUpdateSched] “C:Program FilesJavajre1.6.0_05binjusched.exe”
O4 – HKLM..Run: [IAAnotif] C:Program FilesIntelIntel Application Acceleratoriaanotif.exe
O4 – HKLM..Run: [dla] C:WINDOWSsystem32dlatfswctrl.exe
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [Zune Launcher] “C:Program FilesZuneZuneLauncher.exe”
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 – HKLM..Run: [Unovoqe] rundll32.exe “C:WINDOWSVmeverihehafiley.dll”,e
O4 – HKLM..Run: [Cbiri] rundll32.exe “C:WINDOWSoqasunog.dll”,e
O4 – HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 – HKCU..Run: [Creative WebCam Tray] C:Program FilesCreativeShared FilesCamTray.exe
O4 – HKCU..Run: [System configuration backup] C:RECYCLERS-1-5-21-7955546038-2179099912-052860759-4808sysdate.exe
O4 – HKUSS-1-5-18..RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:’Creative SoundFont Synthesizer’ /w:’SB Audigy’ (User ‘SYSTEM’)
O4 – HKUS.DEFAULT..RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:’Creative SoundFont Synthesizer’ /w:’SB Audigy’ (User ‘Default user’)
O4 – Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 – Startup: Stickies.lnk = C:Program FilesStickiesstickies.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 – Global Startup: Digital Line Detect.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O7 – HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem, DisableRegedit=1
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:Program FilesJavajre1.6.0_05binssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:Program FilesJavajre1.6.0_05binssv.dll
O9 – Extra button: PokerStars – {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF

I have Spybot but it won’t let me open it up (in response to the first answer); I just get the offline webpage popup instead. So I’m looking to remove the problem manually in safe mode. I’m just not sure exactly what the cause is.

Symantec Guide to Scary Internet Stuff – No 6 Denial of Service Attacks

The sixth video in the series explaining common internet security threats and how to avoid them looks at one of the media’s favourites: denial of service attacks.

What’s the best thing to do to make my computer faster?

I’ve cleared temporary internet files, limited the programs running in the background, made sure I don’t have any malware, etc. Any other ideas?
