Infection, corrupts mouse tpad, internet, controls computer

Discussion in 'Malware Help (A Specialist Will Reply)' started by donaldcarroll, Sep 27, 2008.

  1. donaldcarroll

    donaldcarroll Private E-2

    I have a Toshiba M35X-S161, XPhome, sp3, Norton systemworks2006, Comcast wireless internet connection, with Toshiba as Homepage.

    While offline and without internet access my mouse and touchpad started acting erratically, I waited until I was at home and reinstalled devices with new drivers.

    Went online and problems started again, Computer tried to connect to quicken bank and transfer funds.

    Managed to call Norton, said get lost.

    Have done maintenance and readme downloads, include attachments
     
  2. donaldcarroll

    donaldcarroll Private E-2

    Here are second set of attachments.

    I thought I was ok after going through the process, but I am still screwed up.

    I have to start up machine with f12, and whatever it is has full control, wouldn't let me online, I am sending this from a second computer via USB flash drive.

    I also had to update Combofix after going through the install because it said update was available, and wouldn't let me install the version I downloaded from your link.

    That means no xp restore console.

    Thanks in advance

    Don
     


  3. donaldcarroll

    donaldcarroll Private E-2

    I now get antivirus warning for this file, and Norton will not quarantine it, wants to delete the following file. What is this " HKLM\System\Control set 002\services\netbt\interfaces\Parameters\tcpip_{5cB7A4F3-9A18-4BFA-828B-D5AD2EDD9B90}\\Net Bios options"

    If this is a malware file how do I get rid of it?

    I also would like to have the computer startup when the power is turned on.

    Thank you for your help
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You would have to remove it in your lan properties ---> but not an issue.

    Did you run MWB's and SAS? You did not attach the logs.

    However, I am not seeing malware in the logs you did attach.

    Please download ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

    NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked, so if you have some cookies you'd like to save, please move them to a different directory first.

    * Double-click ATF-Cleaner.exe to run the program.
    * Under Main choose: Select All
    * Click the Empty Selected button.

    If you use Firefox browser

    * Click Firefox at the top and choose: Select All
    * Click the Empty Selected button.
    o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser

    * Click Opera at the top and choose: Select All
    * Click the Empty Selected button.
    o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main ATF Cleaner menu to close the program.

    Tell me exactly what problems you are having.
     
  5. donaldcarroll

    donaldcarroll Private E-2

    I sent the logs with the first post in thread, am sending again. Having trouble posting, have been thrown off twice, cursor goes back to first
     


  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    They only found one item.....let's try this:
    Now go to Bitscan link: agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files. Once Bitdefender completes the scan:

    Click-on the Detected Problems tab. Then select Click here to export the scan report

    When the window comes up to save the report, change the Save as type: box to Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click save. This will save a file named bdscan.txt in whatever folder you are currently in when you save the file (take notice of where you are at so you can find it later). This bdscan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.
     
  7. donaldcarroll

    donaldcarroll Private E-2

    Sorry to be so long getting back to you, but I am traveling and using another computer for access.

    Will try to get access without damaging my host and download bit and save results.

    Probably will be a day or two.

    Thanks for your patience and help.
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    No problem. :)
     
