Smitfraud, Virtuemonde?

MosesPresley · Jan 30, 2009

Hello and thanks in advance if you can help,

About a week ago, I lost all connection to the internet and think it was while searching on some job search sites. Which doesn't surprise me because I know I'm not the only person to have my computer infected with XPAntivirus earlier this year through monster.com.
As far as I know, I removed that completely with Spybot S&D.

But this new problem; I can't figure out. Everything on my ‘puter seems to work fine except:
1. I can’t get online (the wireless adapter even works, so I am connected) and
2. Sometimes a bad blue screen shows up (then I have to start over)
I'll attach that too, just in case it helps.

Like I said, everthing else was fine so I ran Spybot S&D and it kept coming up with some Smitfraud and Virtuemonde problems. I would delete them via SS&D, run it again and there they were—again.

So, I found majorgeeks and ran everything on your clean XP page.

I had also previously tried Ad-Aware and Avira AntiVir (the latter of which I removed, deleted and got rid of but ComboFix kept telling me it was running). I also had a problem with downloading Windows Recovery Console because I can’t get online.

Anyway, I still have the same problems I started with a week ago.
I don't beleive this situation is entirely hopeless--so, I hope you see something fixable in these logs. Thanks again.

MosesPresley · Jan 30, 2009

...and the other logs.

thanks,
Moses

MosesPresley · Jan 30, 2009

Oh yeah, and all my previous restore points disappeared too.

TimW · Feb 1, 2009

This still shows in your add/remove list:
AVG Free 8.0"
Avira AntiVir Personal - Free Antivirus

cmudax3.sys refers to Perfect Disc .

The scans removed any malware on your system, so I suggest you post in the software section to further pursue this.

If you are not having any other malware problems, it is time to do our final steps:

We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They are useful as backup scanners. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.

If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)

Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required

"%userprofile%\Desktop\combofix" /u

Notes: The space between the combofix" and the /u, it must be there.

This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

Delete the C:\combofix folder from combofix (if it exists)

Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.

Go to add/remove programs and uninstall HijackThis.

You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip

If you are running Vista, Windows XP or Windows ME, do the below:

Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.

Then reboot and Enable System Restore to create a new clean Restore Point.

After doing the above, you should work thru the below link:

How to Protect yourself from malware!

Log in or Sign up

Smitfraud, Virtuemonde?

MosesPresley Private E-2

Attached Files:

blueScreen.jpg

SASlog.txt

mbam-log-2008-09-26 (19-19-15).txt

MosesPresley Private E-2

Attached Files:

ComboFix.txt

MGlogs.zip

MosesPresley Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member