Suspect malware - Acquire ip address

Hi there experts.
I cant remember what i was doing on my Dell Lattitude D620 (running windows XP32 bit) laptop at the time, but three days ago I noticed that AVG Free AntiVirus was showing an exclamation mark.
It related to identity protection.
When i tried to fix this - I noticed that the laptop was not connected to the internet.
I found that it was not finding my wireless network.
I then plugged it in to my modem directly (as I do daily)
I then found it was trying to acquire network address.
Also the database for my most important program was suddenly missing!

Luckily I have my wife's laptop that is still working fine.
after researching via google - I found your website and followed the instructions under Windows XP Malware Removal/Cleaning Procedure.
Downloaded to CD:
RogueKiller, Malwarebytes Anti-Malware, TDSSKiller, HitmanPro, MGtools.

I have run RogueKiller - (the logfile is on the infected computer:confused {can I copy it onto a memory stick and import onto this computer without infecting this computer?})

Installed MalwareBytes....

here is where I am stuck.rolleyes
I am instructed to update the database (currently v2014.03.04.09)
but am not able to go online with my laptop at the moment.

should I just continue running that program with this database?

Thanking you in anticipation
Mauritz

 

update: HISTORY
I remember now where this all started:
When trying to run itunes i received an error message about DEP
I uninstalled itunes and around that time i found that there was a problem with aqcuire ip address.

Update2: MALWARE BYTES
I found update malwarebytes manually
downloaded the file and transferred to infected computer.
ran the mbam-rules.exe
but MalwareBytes still says that the database is out of date.
I ran the program anyway - logfile attached.

I ran all the rest of the tools and have attached all logs

 

`Thank you Kestrel
MGlogs.zip attached
i followed the steps to start with a clean system.
when I tried to do a registry backup - I received a error message saying that it had errors or failed.
set a system restore point.
then ran the specific repiar options.
Thank you soooooooo much for all your help!

 

Hi Kestrel
Sorry to hear you have been sick!
hope you feel better soon!

Thank you for all your help!

I did as suggested.
new logs attahced.

Found the following:
When running Regedit as administrator - I could not see the DHCP file that I had saved on the desktop.
So i just imported it directly from memory stick.

it imported successfully
ran mgtools\getlogs
attached logs.zip

 

Good morning Kestrel.
I hope you are recovering well.

Actually - on the last reply I started writing about the windows registration issue I have.
But I decided to not cloud the issue we have been addressing - so deleted it.

This laptop had an infection about 5 years ago.
A friend helped me get rid of the virus by reformatting the HD and reloading windows.
About a year ago I contacted microsoft regarding an issue.
They checked the windows registration and reported that it was an invalid registration.
This laptop still has the original sticker with the windows product key pasted to the bottom.

Is there a way that I can reset this to the original settings etc?
If this would solve all the problems - then I am prepared to 'write-off' all the data etc on this laptop and start from scratch.

Is this something software supprt can help me with or do I need to take it in to a store?

Thank you for your help and advice.
Sincerely
Mauritz

 

I am running anti-malware bytes right now and will let you know the results as soon as it is completed.

 

Good news?
Malaware bytes did not find any malicious items!

 

Hi Kestrel.
Thank you for all your help here.
I started that new thread and have been getting help and advice from Mdonah
I am now at the point of wiping the whole computer and will re-install XP.
Again thank you for all your help.
Sincerely
Mauritz

 

Hi Kestrel
Just a quick note to let you know that I have managed to
wipe, format and re-install windows XP to that laptop.
Updated all security fixes - and only have one last issue to sort....


Hotfix Id: EOL-Adobe End of Life
Adobe Flash Player 6.0.88.0 ActiveX 32-bit is vulnerable and no security updates are provided by the vendor

I have posted this in the thread with Mdonah and await some advice.

I'm not sure of the protocols, but I would suspect that it would be good to close this thread?

Again - thank you for all your help