Jump to content

Think I nuked my infection. However, my internet is gone.


Recommended Posts

Windows XP

Alright, I've been at my computer with adaware, spybot SD, and now Anti-malware.

Lavasoft on guard protection, blocked shell, and svchost, after which my internet failed. I had to turn it off.

Anti malware quarantined the same files, and now I can't access internet.

I can however, use msn-messenger.

And before, since I got infected, I couldn't acess (for some strange reason) my friends-requests at couchsurfing, chrome gave me a 400 error.

Currently, I'm browsing with the "guest" profile, on the same computer, which seems unaffected.

Alright, I did what the instructions told me to do: I ran anti-malware, full antivirus (avast), defogger, dds, I ran the rootkit, but it eventually slowed my computer down to a crawl, and it didn't finish, even though I let it run for 10 hours straight.

Yea, I'd like my internet back, and at the same time, not restart the virus infestation.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4749

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

10/6/2010 3:29:45 AM

mbam-log-2010-10-06 (03-29-45).txt

Scan type: Full scan (C:\|D:\|)

Objects scanned: 227769

Time elapsed: 1 hour(s), 29 minute(s), 47 second(s)

Memory Processes Infected: 3

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 3

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 6

Memory Processes Infected:

C:\Documents and Settings\Erik\Lokala inst

Link to post
Share on other sites

Hello Sparrisen987

Welcome to Malwarebytes.

=====================

Please download Rootkit Unhooker and save it to your desktop.

  • Double-click RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan
  • Check Drivers, Stealth Code, Files, and Code Hooks
  • Uncheck the rest, then click OK
  • When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
  • Wait till the scanner has finished then go File > Save Report
  • Save the report somewhere you can find it, typically your desktop. Click Close
  • Copy the entire contents of the report and paste it in your next reply.

Note - You may get this warning it is ok, just ignore it."Rootkit Unhooker has detected a parasite inside itself!

It is recommended to remove parasite, okay?"

Link to post
Share on other sites

Here we go!

RkU Version: 3.8.388.590, Type LE (SR2)

==============================================

OS Name: Windows XP

Version 5.1.2600 (Service Pack 3)

Number of processors #2

==============================================

>Drivers

==============================================

0xF62FD000 C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 5857280 bytes (Intel Corporation, Intel Graphics Miniport Driver)

0xA717D000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 5251072 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)

0xBF1E7000 C:\WINDOWS\System32\igxpdx32.DLL 2699264 bytes (Intel Corporation, DirectDraw® Driver for Intel® Graphics Technology)

0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2150400 bytes (Microsoft Corporation, NT:s kernel och system)

0x804D7000 PnpManager 2150400 bytes

0x804D7000 RAW 2150400 bytes

0x804D7000 WMIxWDM 2150400 bytes

0xBF800000 Win32k 1855488 bytes

0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Win32-drivrutin f

Link to post
Share on other sites

Please open up Notepad and copy all of the items in the code box below.

Change the "Save As Type" to "All Files". Save it as fixthis.reg on your Desktop.

REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"=-

Now double-click fixthis.reg.

A window will come up asking if you want to let it merge with the registry.

Click yes.

Reboot for the changes to take place and let me know if you can get online then.

Link to post
Share on other sites

You are welcome :o

Your logs are clean.

You can delete anything I had you download.

After that your all set.

===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance===

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article Some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes.

"How did I get infected in the first place?" Also this one by Tony Klein.

If your computer is slow Is a tutorial on what you can do if your computer is slow.

File sharing program dangers Reasons to stay away from File sharing programs for ex: BitTorrent,Limewire,Kazaa,emule,Utorrent etc...

===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased===

Malwarebytes Antimalware

superantispyware

===Free antivirus links===

This is antivirus and antispyware.

Microsoft Security Essentials

This is free antispyware protection and Antivirus protection.

AVG free 9.0

This is just antivirus protection.

Antivir

This is antivirus and antispyware protection.

Avast

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.