I've got malware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Pete22, Mar 28, 2010.

  1. Pete22

    Pete22 Private First Class

    I was working on my computer and all my usb equipment stopped working. I thought it was a hardware issue. After I gave up trying to fix them, I opened my browser and it opened to an advertisement. So I decided to run SAS. It found a trojan Gen-SVC(fake)

    I decided I better do the read me and run routine.

    I updated and ran MB. It found a bunch of stuff.

    Before I went on I uninstalled avg and disabled my firewall and other monitors. I noticed my firewall has not been updating like it should have been.

    I downloaded and ran combofix.

    I then tried to go back to majorgeeks to get RR but could not. A message popped up and said that my firewall was stopping me from going to majorgeeks. However, this message did not look like the messages I get from my firewall. I checked and sure enough my firewall was not even running.

    So I ran ccleaner and was then able to go to majorgeeks.

    I downloaded and ran RR and MGTools.

    I then tried to reinstall avg but it got two errors. I rebooted and ran it again and it did install.

    I re-enabled my firewall.

    I then got several popups that want to change my browser to IE and to change my home page.

    So I ran ccleaner again.

    Unfortunately, I am still getting the popups asking to change my browser to ie.

    Thanks for helping me out.
     


  2. Pete22

    Pete22 Private First Class

    Here is my last log.


    pete22
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your logs are clean.

    Normal. After the cleaning process, some settings may be returned to Microsoft defaults out of necessity. You just need to set up your default browser as desired and tell it not to ask anymore.

    Your USB problem may be missing drivers based on the below two lines seen in ComboFix:
    S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
    S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]



    Since you are not having malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. After doing the above, you should work through the below link:
     
  4. Pete22

    Pete22 Private First Class

    Wow Thanks Chaslang!!!!

    That's the fastest response I have ever got.

    Many thanks for the info.

    I will do what you say.
    Also thanks for telling me that my usb is a driver issue, I will reinstall them.


    Pete22
     
    Last edited: Mar 28, 2010
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    Right now, we just happen to be pretty caught up on threads needing help which is why you were answered so quickly. It will not always be that way. ;)
     
