Infected with malware, logfiles

Discussion in 'Malware Help (A Specialist Will Reply)' started by DouglasH, Sep 4, 2010.

  1. DouglasH

    DouglasH Private E-2

    Hello dear helper!

    I was infected with malware, or something called fraud.sysguard, which Spybot Search & Destroy picked up. It started while I was playing CS; I'd just purchased a new mouse and installed its drivers. An "antivirus software" popped up and started searching through my computer telling me I had tons of viruses. Since similar things happened to me before, I knew this was some kind of fraud. This happened on 2nd September. I first searched the computer with Spybot Search & Destroy, then with Ad Aware and later with Norton antivirus 360 4.0. I saved two logfiles from a later search with Ad Aware which I have implemented in this message in case it would do any good. The big problem I'm having is that I can't seem to gain an IP address from my router after being infected. I've tried repairing the internet connection both through Windows and with SAS but it doesn't do any good. Note that I couldn't connect to the internet even before I ran SAS or any other antivirus software. I couldn't seem to run RootRepeal even though I'm on a Windows XP Pro 32 bit machine; I implemented the crash file.

    Thanks for all your help in advance and for writing this guide, I do think it got rid of some heavy mal and spyware even though my internet connection is still down.
     


  2. DouglasH

    DouglasH Private E-2

    My other logfiles.
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It looks like the scans took care of the malware. What issues are you still having?
     
  4. DouglasH

    DouglasH Private E-2

    I can't seem to gain an IP address from my router. My other computers don't have this problem, and it started right after I got the virus.
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Code:
            IP-adress . . . . . . . . . . . . : 0.0.0.0
    
            Nätmask . . . . . . . . . . . . . : 0.0.0.0
    
            Standard-gateway  . . . . . . . . : 
    
            DHCP-server . . . . . . . . . . . : 0.0.0.0
    I suggest you post in the networking forum. Also, have you tried getting an IP address by connecting straight into the modem?
     
  6. DouglasH

    DouglasH Private E-2

    I have not tried connecting it straight into the modem. I got frustrated and thought an upgrade was in its place, so I went out and bought a copy of Windows 7 which I'm just about to install. Luckily I have two internal hard drives, and since you helped me figure out I was clean from malware I don't have to format both, so I won't lose all of my important work. So I thank you and this forum once again for all your help and hard work :)

    Probably get back to you in a year or two when a new problem has resolved itself!

    /Douglas
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Good to know.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They do not use any significant amount of resources (except a little disk space) until you run a scan. We recommend them for doing backup scans when you suspect a malware infection.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN, enter the below into the run box, and then click OK. Note: the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: the space between combofix" and /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.


    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have re-enabled UAC by double-clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double-click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    10. After doing the above, you should work thru the below link:



