Tried pretty much everything

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by xenophone, Jan 4, 2008.

  1. xenophone

    xenophone Private E-2

    Two days ago I started having trouble with my connection slowing way down. I ran all the standard stuff: Spybot, Adaware, AVGfree, CCleaner. My speed now seems fine, but I still can't connect to any of my email accounts. The login page loads up fine, but when I enter my info no data seems to transfer and the connection times out. This happens with Hotmail, Yahoo, and an email account through school. That same day I installed Daemon Tools lite and Dosbox. I have fully gone through the cleaning process detailed in the sticky here and the problem persists. I'm posting all of the requested logs except for AVG spyware because for some reason I couldn't save the log, but all it found was tracking cookies. Thanks!
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Actually you installed a lot more at that time. Apparently you were running without any protection and installed all your current protection software after this happened.


    Your logs do not show any malware. In fact you show a lot fewer processes/programs running than most people. Your issues may not be malware but we will run another scan just to be on the safe side.
    But first let's get your Sun Java updated.

    Uninstall the below old versions of software:
    Java(TM) 6 Update 2

    Make sure you reboot after uninstalling the above!

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

    Now run this procedure and attach the log: Running GMER to detect rootkits
    I doubt it will find anything of interest.

    You may need to check to make sure you are not blocking anything in a firewall, in Ad-Aware, in your AntiVirus....etc. Also try another browser. Also see what happens in safe boot mode.
     
  3. xenophone

    xenophone Private E-2

    Here is the log for GMER. I tried disabling all my firewall and protection stuff, which didn't help. I also uninstalled and updated java as requested. If this isn't malware what could it be?
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Let's give the below a try.

    Now print the below instructions because at a point during them you MUST (this can be critical) shut down all browsers. I will tell you when to exit the browsers during the multi-part procedure.
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.


    Now run CCleaner!


    Now run GMER again like last time.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it.

    Then attach the below new logs:
    • C:\ComboFix.txt
    • GMER log
    • C:\MGlogs.zip
    Is there any change? If not, have you tried connecting using another browser?
     
  5. xenophone

    xenophone Private E-2

    OK I'll do this stuff when I get home tonight. Yes I've tried IE and Firefox, same issue with both. Thanks for your help Chas.
     
  6. xenophone

    xenophone Private E-2

    K I followed your instructions and here are the requested logs. It doesn't look like it worked :(
     


  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    While I'm not even sure the driver I was trying to load is really your problem, it appears that it may have renamed itself before you did my fix. It is now named: aaddxk1i.SYS and previously it was axyv7zb7.SYS. Please attach another log from GMER and then DO NOT shut down or otherwise reboot your PC. Wait until I post another fix to try. That way at least we know we are posting a fix that matches the file name.
     
  8. xenophone

    xenophone Private E-2

    Just thought you might be interested to know that I resolved the issue and it wasn't malware after all. The day I began having the problem I had forwarded ports to use for bittorrent, and apparently the port I was on was blocking pages with logins? I don't completely understand how it works but my roommate had me set the IP address and that solved it. I was actually just about to do a clean windows install before he stopped me. Imagine how angry I would've been after formatting to find the problem persisting! Anyway thanks for your help.
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm happy to hear that you got your problem fixed. Surf safely.
     
