Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Diconnected internet

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Diconnected internet

Unread postby Maruquani » February 3rd, 2011, 6:14 pm

[628]wininit.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[628]wininit.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[628]wininit.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[628]wininit.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[628]wininit.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[628]wininit.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[628]wininit.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[672]services.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[672]services.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[672]services.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[672]services.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[672]services.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[672]services.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[672]services.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[672]services.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[672]services.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[672]services.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[672]services.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[672]services.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[672]services.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[672]services.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[672]services.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[672]services.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[688]lsass.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[688]lsass.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[688]lsass.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[688]lsass.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[688]lsass.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[688]lsass.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[696]lsm.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[696]lsm.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[744]winlogon.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[744]winlogon.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[744]winlogon.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[864]MSASCui.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[864]MSASCui.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[864]MSASCui.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[864]MSASCui.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[864]MSASCui.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[864]MSASCui.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[880]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[880]svchost.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[880]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[880]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[880]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[880]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[960]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[960]svchost.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[960]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[960]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[960]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[960]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
Maruquani
Active Member
 
Posts: 9
Joined: January 27th, 2011, 2:17 pm
Advertisement
Register to Remove

Re: Diconnected internet

Unread postby Bob4 » February 3rd, 2011, 10:19 pm

Glad we finally got a root-kit scan.
Unfortunately it hasn't shown us anything hiding.

I don't think your issue is related to malware.
I could give you a few things to try but your time would be better spent at a
forum more set up to deal with this type of issue. I will list a few for you after we clean up a bit.



Manually delete Root Repeal and RKUnhooker

You can keep Malwarebytes and TFC ( Temp file cleaner) for regular use.

_____________________________
This process is going to clean up some of the tools we have used.
Open OTL.exe click on the cleanup button. You will be asked to reboot.
Please do so now to clean up some tools we've used.


Heres a list of good sites that might be able to help you with your networking/internet issue.

Tech support forums
What the tech
Bleeping Computer

Safe and happy surfing. :mrgreen:
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Re: Diconnected internet

Unread postby Cypher » February 5th, 2011, 2:11 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14971
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 51 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware