Exposed!

Discussion in 'Malware Help (A Specialist Will Reply)' started by Tef, Feb 23, 2009.

  1. Tef

    Tef Private E-2

    I can't download my antivirus from the web, it states "can't find an internet connection".

    Also Real Player is stating the same thing.

    Can't check Device Manager, it's empty.

    How do I fix these 3 problems?

    I had a Trojan, did the "read and run me first" steps and all is well except for me trying to put my antivirus software back to work.

    I have internet connection. Modem is working fine, just did a complete check.

    Any help will be deeply appreciated.
     
  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

  3. Tef

    Tef Private E-2

    Hi Dr.

    I can't access the Internet. I have to post the "Read and Run Me First" logs from another computer so please bear with me for I can only access another PC when I can. I'll try to post them on Thursday.
    Thanks, chat soon.
     
  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    :)

    You're Welcome, Tef.

    One of the team will help whenever you attach the requested logs.
     
  5. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi Tef

    Also to follow on from Dr M's post, attach the logs to this thread as per the Malware Read Me's guide, as I will move this thread to the malware forum for you so that all the info is together, including a link to the very first post you did with TimW's info. So save its link, or in your User CP, search for your created threads to find it.
     
  6. Tef

    Tef Private E-2

    Hello All,
    I appreciate you taking the time to help me out :) Here's a rundown of my problem.

    FIRST ROUND

    Problems:
    • Slow computer.
    • Home page changes without me doing so.
    • Someone used Windows Messenger against my wishes. Perhaps downloaded some stuff.
    • Caught a Trojan named "Generic Startpage", which was quarantined by McAfee.
    • Device Manager is blank.

    What I've done thus far:
    • Printed the "Read and Run Me First" process.
    • Downloaded all tools requested.
    • Uninstalled McAfee. [It was getting in the way.]
    • Performed all scans required and attained all logs.
    • ComboFix couldn't install Windows Recovery Console even when I tried to manually restore via Microsoft download.

    As a result:
    • Some tools found some stuff and I assumed cleaned/cleared them.
    • Homepage seemed to return to normal.
    • I assumed all is well again and did a System Restore Toggle.
    • Tried to reinstall McAfee, had problems doing so. [That's when I posted first message.]
    • Reboot computer, no Internet access.
    • Reboot modem, no luck. Called IP, followed their instructions on resetting modem, Internet's back :-D
    • Installed Avast for coverage instead.
    • Rebooted PC, no Internet connection. Called IP again, stated I have no Local Connection and a card of some kind may have malfunctioned. [Gave up and went to bed!]

    SECOND ROUND:
    • Re-read "Read and Run Me First" instructions.
    • Under ComboFix instructions "How to Restore Internet Connection", tried it but no "Repair Menu" was shown when I right clicked.
    • Under SAS tried "Repair broken Network Connection (WinSock LSP Chain)", rebooted. Nothing!

    So that's where I stand now.
    Here are the logs.
     


  7. Tef

    Tef Private E-2

    What should I do next guys/gals?
     


  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean.....You may just be having problems with your NIC card. I suggest you post back in either networking or software.

    You need to run McAfee Removal Tool.
    Then install a firewall from the below link.

    You can do a little clean up:
    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They are useful as backup scanners. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\combofix folder from combofix (if it exists)
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Windows version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
    Last edited: Feb 26, 2009
