Malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by Glamis77, Feb 6, 2009.

  1. Glamis77

    Glamis77 Private E-2

    I could tell by the feel of things something was awry. CPU would spike steadily for a few minutes after boot up. Couldn't update AVG. Then, computer locked up, and, upon reboot, couldn't connect to the internet. W2K no longer recognized or responded to the Linksys network adapter and consequently there was no LAN.

    Ran through the Read and Run Me First tasks. Malwarebytes, SuperAntiSpyWare, and Spybot found nothing. Combofix, however, appears to have found some things. I cannot connect to the internet.

    One note -- Combofix didn't seem to complete its cycles. When it stopped, it produced a log, but there was nothing but blue screen. Had to reboot manually. (I didn't re-run Combofix. Please advise if I should.)

    Logs are attached as required.

    As always, appreciate the support of Majorgeeks!!!!!!!!! :major
     


  2. Glamis77

    Glamis77 Private E-2

    1234
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You have little room left on that hard drive. Your logs are clean. So I suggest that you post in either hardware or networking as this sounds like it is just a matter of your network adapter.
    You need to tell them if you are on a router or just a modem...if you are wired or wireless.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They are useful as backup scanners. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

      • Delete the C:\combofix folder from combofix (if it exists)

    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Windows version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    8. After doing the above, you should work thru the below link:

     
  4. Glamis77

    Glamis77 Private E-2

    Tim,

    I was able to get online long enough last Friday to post the logs. Soon after, however, I got the blue screen with an error code, I rebooted, and within seconds of getting back online I would get another blue screen. Within five minutes I was back to where I had started before I performed the Read and Run Me First tasks -- computer didn't recognize Linksys notebook adapter, under Device Manager I receive Error Code 12 (Device cannot find enough free resources that it can use).

    I am far, far from being an expert, and although I do not have XP, I suspect some sort of AntiVirus rootkit that attacks the drivers.

    If I am not infected, why would Combofix put files into quarantine?
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You had some infections that the scans took care of. Your BSOD issues need to be addressed in the software forum. I would take particular note of the message that you do not have sufficient resources.
     
  6. Glamis77

    Glamis77 Private E-2

    Thanks for the help, Tim!!! :major:major

    As always, I appreciate the support!!!
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    No problem...hope you get it sorted out. :)
     
