Computer Support Forum

Malware removal attempt led to unusable internet, still can't remove all malware

Question: Malware removal attempt led to unusable internet, still can't remove all malware

Hi, I'm suddenly having a lot of trouble with malware. My computer seemed to be running okay but I ran Malwarebytes as I occasionally do, and it picked up a fair amount of malware on my system. I deleted it and rebooted, but that's when my problems really began. Upon restarting, my internet connection has become almost unusable. It's extremely slow and generally I can't even open a page that I want after trying to refresh several times. Oddly though, google is working perfectly and a few other sites seem to work too, including this one. I've tried running MBAM again and again, each time it picks up more malware and I remove it, then reboot and the cycle renews. I can't seem to get rid of all of it, every time I scan my system there's just more of it. I've tried ComboFix but it doesn't seem to have done anything. One persistent thing seems to be photo_id.exe, I've got a few messages from MBAM saying it can't be removed and I need to reboot. Also, I've noticed that if I'm trying to reach a webpage, although it won't load there seems to be some redirecting, for example I just tried to reach a wikipedia page and it says "The server at topsearchfeed.com is taking too long to respond" For some reason I can't bloody format this properly no matter how hard I try, so here's an attached HJT log:

Relevance 100%
Preferred Solution: Malware removal attempt led to unusable internet, still can't remove all malware

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Malware removal attempt led to unusable internet, still can't remove all malware

problem has become more serious, now my mother has told me that the internet on her laptop is also extremely slow and essentially unusable, I'm worried that something from my computer has got on to hers via the wireless network we're both connected to. Somebody please help me

2 more replies
Relevance 89.79%

I had a major problem on my computer that would make it shut down as soon as it booted up. This was fixed with backing up to an earlier system restore point, but the computer was still showing major signs of malware. Examples: antivirus programs were shut down and could not be reasoned with; the internet was having trouble connecting.

A friend of mine who had done malware removal had me run a program called Combo Fix. Looking at some forums now and also the results, this was apparently not the right idea at the time. After the run of Combo Fix, nothing on my computer works. Every time I try to pull up any program, I get the error "Illegal operation attempted on a registry key that has been marked for deletion." Even trying to uninstall Combo Fix using Run option doesn't work; it throws up the same error.

I can't even get the registry log that Combo Fix threw up because I get this error message. I saved it, but closed it out and now I can't even open the saved notepad file. Any ideas how I can fix this?

Answer:Can you fix a botched attempt at malware removal?

reboot the computer and that error will go away

post the ComboFix log that will be located at C:\ComboFix.txt

2 more replies
Relevance 89.79%

I have been following the step by step instructions on removing malware on Vista. Major Geeks has been a great help. I watched my friend remove Antivirus 2008 using this site and was amazed and excited by the amount of work needed to remove the malware. So after a friend came to me with a similar problem I wanted to do it my self. Thanks for all your help
 

Answer:first time malware removal attempt

Here comes malware bites
 

7 more replies
Relevance 89.79%

Gud day to everyone,

My computer having some malware activity, i have used adware 2008, spyware removal tool, norton anti-virus and other removal tool, but still those malware cannot be deleted.. My Computer icon could not display its properties, instead it appears like a file when you see its properties. It also disabled TCP/IP that why until now i cannot connect to the internet.. I don't have WindowsXP SP2 cd for repair..

Please help me as soon as possible, because it is a server..

Answer:Urgent! My XP SP2 have malware activity!.. cannot remove using malware removal tool

Hello frozenfire03, Welcome to TSF!

I recommend that you read this article… "Having problems with spyware and pop-ups? - First Steps"; follow the instructions very carefully; then, post all the requested logs and information; as instructed, in the HiJackThis Log Help Forum.
(Simply, click on the coloured links to be re-directed.)

Please ensure that you create a new thread in the HiJackThis Log Help Forum; not back here in this one.

When carrying out The 5 Steps, if you cannot complete any of them for whatever reason, just continue on with the next one until they are all completed.
However,it is extremely important to make mention of the fact that you could not complete any of the steps in your post to The HJT Help Forum; where an Analyst will assist you with other workarounds.

Once done, please be patient, as the Security Team Analysts are usually very busy; one of them will answer your request as soon as they can.

Good Luck with it.

Kind Regards,

7 more replies
Relevance 88.97%

Hello Everyone,

I have read the section about malware removal but was unable to do any of it because my pc wont even start up.

Basically this is what happened - my Dad downloaded a file of the internet which was claiming to be maps for his GPS... it turned out to be a trojan. I think was called TR/Spy.banbra.199.df by AntiVir. The trojan kept on opening explorer and firefox windows by itself.

AntiVir detected the file (I think what was infected was called command.exe) but it could not delete it so I set about runing Ad-aware. Ad-aware found a few things but said it would continue trying to fix on restart so I restarted the pc thinking I'd got on top of things.

On restart the pc started as normal until I got the Windows XP screen which says 'Loading your personal settings...' then pauses for a while then says 'Saving you settings...' it then goes between the two ...loading settings saving settings, loading settings saving settings etc and gets nowhere.

I have tried pressing F8 at the start and starting with last known good configurations and also starting in safe mode but the
same thing happens...

Can anyone help me please??
 

Answer:problem with start up following malware removal attempt

If you have an xp cd, that came with your computer, boot the computer to it.

When you get the first prompt, type in R to repair.

Ignore the keyboard selection.

When the prompt asks for which windows installation you wish to repair, use 1 for default.
Password should be blank, unless you changed the administrator password to something else

Next, at the c:\windows directory type in:

chkdsk c: /r

After this is done, reboot, and see if the computer is good to go.

Other than this, try a repair installation of XP.

In addition, this error, sometimes happens when there isn't enough disk space left on the hard drive.
 

22 more replies
Relevance 88.97%

Hi,My Windows XP computer became infected with the Internet Security 2010 malware. I went through the steps given by Bleeping Computer to abort and remove it. Everything proceeded normally until the Malware Malbytes was just starting to remove/quarantine the thirty infections found when the BSOD appeared. I restarted my computer and the blue screen reappeared before Windows could start. I don't know how to proceed further. I did not get a Windows disk from Dell when I bought the computer and did not make a record of the updates beforehand. Is there anything I can do? Thank you.Jeff

Answer:Blue Screen After Malware Removal Attempt

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Do you have access to another computer where you can burn a recovery disc?If so, follow the steps here.http://www.bleepingcomputer.com/forums/t/276527/how-to-create-a-bootable-xp-recovery-console-cd/Let me know when you have the disc and we'll go from there.

21 more replies
Relevance 88.97%

Please help with my continuing networking problem. Before malware removal, I had these problems: Microsoft Outlook shuts down after opening the program, task bar error message on Windows Update, task bar error message on Windows Firewall, and the usual wifi icon on the task bar was replaced by a Network icon with a red X. On clicking the Network icon, an error message appears that the group or dependency could not be started.

After malware removal with the help of Malware Removal section in this forum, only the Network icon error remains. Clicking the Network icon, now shows a diagram of the basic network information with a red X on the line connecting This Computer and Internet but the other icons on active networks to choose from are no longer there. Using the cable on the wifi router does NOT correct the problem.

During the malware removal process, I was asked to re-install the network interface card. When I checked Device Manager to reinstall the drivers for network card, I saw an error icon that looks like a yellow triangle with an ! mark in the middle for several items: one item marked Unknown Device in Other Devices, and eleven (11) items in Network Adapters. The eleven items are: Reatek PCIe FE Family Controller, Realtek RTL8188CE Wireless LAN 802.11n COMBO PCI-E NIC, Teredo Tunneling Pseudo-Interface, WAN Miniport (IKEv2), WAN Miniport (IP), WAN Miniport (IPv6), WAN Miniport (L2TP), WAN Miniport (Network Monitor), WAN Miniport (PPPOE), WAN Miniport (PPTP), and WAN... Read more

Answer:Network icon with red X; after attempt at malware removal

Just an update on the solution to my problem. Before this, I have NOT been able to use System Restore to correct it due to an error message. I ended up uninstalling all security software installed on my computer (antivirus program, website advisor, and anti-malware program), then doing System Restore in safe mode. That worked! Wifi connection is back. Now I am going through the final steps after malware removal.
 

1 more replies
Relevance 88.97%

Hi everyone, just today I found out (through popups and processes running etc) that my PC had been infected with malware. I ran Ad-Aware, but first I ran hijackthis and tried to fix the problem in that way. Hijackthis wasn't able to remove everything clearly as i recall.. so I ran Ad-aware. It removed about 10 different malware programs but one did not remove completely.. it stated "Could not remove (malware), will attempt to remove at next startup." so, I figured it would.. the Malware started with an "M" name but i don't remember which..

Anyways, i restarted and now I'm getting a BSOD right after the Windows Xp splash screen. BSOD code c000021a.

I really need help with this, every time it does the same thing and just keeps on restarting. I have tried running in safe mode, repairing with XP disk, all the likes. I can use my mouse and keyboard just fine and I could really, really use any help with this. The recovery console I think may help fix it.. it's one of the only things I can possibly access windows with. Please respond if you can.
Thanks very, very much.
 

More replies
Relevance 88.56%

Okay so I have two files starting in my startup today, Than I had a blue screen ( Do to an unrelated incident ) and had 4, I believe I have 4 malware and am not sure how to go about removing them.I run Comodo Internet Security and Malwarebytes Anti MalwareAt the moment by CIS is blocking all four files, From program and firewall request (By my own will). IT did try to access the internet but I stopped it. People are telling me to Format but I have too much on here to do that.CIS and Malware Bytes dont detect nothing.Below are pictures with properties of both the files, I uploaded them to virusscan and virustotal and it was split on detecting it as malware but I wont post those logs here uless instructed.File names:0E808.exe1CB72.exe9F6B3.exeBAB2D.exeI have included a D.D.S log below, Please help me in figuring out what to do. I seem to notice a slag in performance since I discovered this.

Answer:Strange malware keeps making strange startup items, Attempt to acces internet, Appear to be Malware

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

2 more replies
Relevance 87.74%

For the second time - I was following a bleeping computer tutorial to remove a malware virus from my laptop (PC- Dell - running vista). A first attempt at using the tutorial was successful, so I was confident about using this again. At one point the laptop needed to restart, but when it automatically restarted I could only access a black/blank screen. In each corner of the screen it has 'Safe mode' and at the top of the screen - 'Microsoft ? Windows ?(Build 6001:Service Pack1).

I keen not to start from scratch/system restore as I have images/work not fully backed up. Can anyone suggest a solution?

If I force shut down and start again - I can get to the safe mode option screen (+ safe mode with networking/safe mode with command prompt).
When I leave the computer to start normally I just to come to a completely black screen.

Baring in mind I would like to access work saved on the computer - any advise would be gratefully received.

Many thanks!

More replies
Relevance 87.74%

For the second time - I was following a bleeping computer tutorial to remove a malware virus from my laptop (PC- Dell - running vista). A first attempt at using the tutorial was successful, so I was confident about using this again. At one point the laptop needed to restart, but when it automatically restarted I could only access a black/blank screen. In each corner of the screen it has 'Safe mode' and at the top of the screen - 'Microsoft ® Windows ®(Build 6001:Service Pack1). I keen not to start from scratch/system restore as I have images/work not fully backed up. Can anyone suggest a solution? If I force shut down and start again - I can get to the safe mode option screen (+ safe mode with networking/safe mode with command prompt). When I leave the computer to start normally I just to come to a completely black screen. Baring in mind I would like to access work saved on the computer - any advise would be gratefully received. Many thanks!Mod Edit: OP reposted in Am I Infected ~ Hamluis.

Answer:Can't restart following attempt at malware virus removal tutorial

Hi witwisdom,I would recommend posting in the Am I infected? What do I do? as you may still be infected. Please read Before You Post About A Problem before posting.Pauline

2 more replies
Relevance 87.74%

Dear board,

I'm attempting to go through the malware removal instructions. I've just made it to the Java removal, then new version installation.

I downloaded the version through the link provided by MajorGeeks.

But when I double click on the download, I get a message that reads:
'The version of this file is not compatible with the version of Windows you're running . . . "

I've tried to find the 32-bit version online, with no luck. Can anyone point me to the correct download?

Thanks in advance!
 

Answer:Malware removal attempt: cannot download latest Java (32-bit)

Just skip this step for now and continue on, we can always come back to address this at a later time.
 

37 more replies
Relevance 86.92%

I have attached the log and txt files for you. I look forward to your expert advise,
 

Answer:Browser redirects hijacks search malware after attempt of removal

forgot this one too
 

7 more replies
Relevance 85.28%

Please help me,
I cannot access any internet (wifi & ethernet) after malware removal using GridinSoft Anti Malware. I already updated network drivers, but it's still not working.
 

More replies
Relevance 77.9%

This Malware Removal Bot has completely corrupted my computer. I cannot run or scan with Malewarebytes at all.
I cannot even start my mozilla firefox. Luckily IE is working.
Can someone please help me. I will appreciate your help.

Answer:How to remove Malware Removal Bot

Any help is appreciated.

7 more replies
Relevance 77.9%

Hi all, and a pre-thanks to anyone who can try and help me.My desktop computer has been compromised. This is my symptoms:Can only start in Safe Mode without Networking. Any other boot try endsin a blue screen dump, and restarts itself. It will start in safe mode fine.I have used Malwarebytes software and ran full scans 3 times in safe mode. It did pull upthe Antimalware Doctor virus, but it still is not working correctly. Still won'tboot up normally. I did use Rkill before I used Malwarebytes.I have done a restore to the earliest date, did not help.I am posting from my laptop, I did the prep scans and have them ready. This isthe only way right now I can work it, as I cannot even get the other one onsafe mode with networking. I hope this works.Attach file:UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH ITDDS (Ver_10-03-17.01)Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 6/30/2010 3:39:25 PMSystem Uptime: 10/3/2010 10:31:05 AM (0 hours ago)Motherboard: Dell Inc. | | 04GJJTProcessor: AMD Athlon™ II X4 630 Processor | CPU 1 | 2800/200mhz==== Disk Partitions =========================C: is FIXED (NTFS) - 688 GiB total, 605.892 GiB free.D: is CDROM (CDFS)E: is RemovableF: is RemovableG: is RemovableH: is Removable==== Disabled Device Manager Items =============Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: McAfee Inc. mfehidkDevice ID: ROOT\LEGACY_MFEHIDK\0000Manufacturer: Name: ... Read more

Answer:Malware Removal - Can't Remove

You can close this thread out, as Dell is sending me a new hard drive with the operating system installed.Thank you for this forum tho, and your time.

2 more replies
Relevance 77.08%

I downloaded a program that looked legit but had all the bells and whistles of downloading something WRONG.  I aborted installation but still ended up with a default search engine on my Firefox browser called "SearchflyBar3"  I uninstalled everything that was downloaded....and even did a system restore back two days to get rid of it.  The time I opened Firefox it was back.  I tried a search on the name "SearchflyBar3" and nothing was returned.  The only way I could proceed was to go into Firefox private browsing to find Bleeping Computer.com for help.  If I am in Firefox private browsing, I cannot access any of my regular "saves" without having to reinter my user name and passcode.  I don't want to do that, so I'm stuck with limited use of my computer.Any help would be appreciated.Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due the absence of malware logs included in the topic. ~ Animal

Answer:Malware removal help - How do I remove "SearchflyBar3" ?

Download AdwCleaner -->http://www.bleepingcomputer.com/download/adwcleaner/Open it and press Delete. Follow the instructions...

2 more replies
Relevance 77.08%

Hi,

Thanks to Twin Headed Eagle, my PC is now clean. However I have the following programs I just can't seem to uninstall.
aswMBR, JRT, FRST, and shadow explorer
I have tried the "add/remove program" utility but they don't show up
I have tried http://www.avast.com/uninstall-utility It doesn't find aswMBR
I have also tried http://www.revouninstaller.com/ It doesn't find any of them
The last 2 I downloaded from the article http://malwaretips.com/threads/list-of-uninstallers-and-removal-tools-for-antivirus-software.299/

Can anyone help me uninstall these please?
 

Answer:How do I remove malware removal programs?

Sorry, i overlooked that.

? The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
Remove disinfection tools
Create registry backup
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
 

4 more replies
Relevance 76.26%

What is Best Malware Protection?

Best Malware Protection is a fake system security software that is considered as a Rogue. Rogues are malicious programs that hackers use to trick users by displaying false threats and problems that it claims to have detected. In reality, none of the issues are real and are only used to convince the user into buying their software and stealing their personal financial information
Am I infected?

This is a screenshots of this rogue.

Removal Instructions
(If you experience any problems completing these instructions, please start a new thread here)

1. This rogue adds a proxy server which prevents the user from accessing the internet. To remove this proxy server, start Internet Explorer. Under Tools, select Internet Options.

Select the Connections tab. Then click on LAN Settings.

Un-check the boxes under Proxy server if they are checked. This will remove the proxy server and allow you to use the internet again.

For Firefox users, go to Tools > Options > Advanced tab > Network > Settings > Select No Proxy

2. After getting rid of the proxy, restart your computer. As soon as your computer turns on, tap F8 until you reach the Advance Boot Menu. Use the arrow keys and select Safe Mode with Networking .

3. Download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3
Save it to your Desktop.
Double click the RKill desktop icon.
It will quickly run and launch a log. If it does not launch a log, tr... Read more

More replies
Relevance 76.26%

I have been working on a computer for a co-worker this weekend. It was loaded down with Malware, Trojans, and ad pop ups. Cleaned it with smitfraudfix, spybot S&D, and ran AVG on the computer. Also went ahead and ran CCleaner.

No more pop ups, computer is running good, but whenever windows starts it ups up a RunDLL error of "Error loading C:\Windows\system32\gosofuwu.dll The specified module could not be found"

Autoruns has two things listed pololotanu for the gosofuwu and Lekme for another dll it is loading on startup. I have never heard of these and can not find references online so I believe they were assocatied with the adware.

If i uncheck them in msconfig they come back (tried in safe mode also), if I delete their registry keys they come back, if I remove them with autoruns they come back.

Can you guys and gals think of anything else to try? It's a tiny bit frustrating and annoying to have that popup after the problem has been fixed.

Answer:Adware/Malware removal, cannot remove dll from loading

Go thru my guide

1 more replies
Relevance 75.44%

Hi everyone...I am getting ready to follow all the steps in your tutorial to clean up my system. I had been using spybot but couldn't run some of the programs they asked me to without locking up, so I have uninstalled spybot and am starting over.

My question is...if there is a root kit...would it also be on the external harddrive that I use for backup? It is always connected and backs up with Norton. Should I disconnect from it before proceeding or does it not matter?

Thanks!

Answer:remove external hard drive before malware removal?

If you have a rootkit...you ought to be posting at BC Am I Infected Forum, as a first step to attempting to overcome it, IMO.Louis

10 more replies
Relevance 75.44%

Hi All and Brian
 
I have moved my issue to the correct spot as requested.
 
All of a sudden I had Antivirus Security Pro flash up and tell me a had a whole heap of virus' and that people on the net could see me via my camera (my camera light was consistently on).  I suspect I got this from a dodgy site I visited (which obviously Microsoft essential did not pick up)
 
I following the instructions from this site http://www.bleepingcomputer.com/virus-removal/remove-antivirus-security-pro which appear to have removed most of it but I still have the following issues.
 
No matter what I download the virus windows comes up and deletes the file and secondly
And I could not find Microsoft Security essentials to uninstall. 
 
I have tried a Microsoft programme to try and remove/rectify  Microsoft Sec Essentials but it seem to still be there because I cannot install any new anti virus program (I have tried reinstalling MSE and even Trend but to no avail)
When I try and install MSE I keep on getting the 0x80070643 error
 
I have been contemplating doing a complete reformat??
 
 

Answer:Cannot remove Microsoft Security Essentials after malware removal

You are probably infectec with ZeroAccess rootkit.Open your topic here --> http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/Follow this guide --> http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

2 more replies
Relevance 75.44%

Hi All
I don't know where to put this request, it kind of crosses over different topics.
I had that Antivirus security pro virus which has now been removed following the method from this site (many thanks for that, it has been a huge relief), however I still get the .exe file errors and deletion when I try and download something and I cannot remove or reinstall Microsoft security essentials.  I have re run the malware program several times now and says everything is clean??
I have window 7 64bit if that helps
Cheers
DAvid

Answer:Cannot remove Microsoft Security Essentials after malware removal

G'day David, fellow aussie here.....
 
I would just about bet money that your PC is still infected mate . In fact i would probably bet the farm on it !
 
Ok...(on a more serious note)....Post a new Topic here :: http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
 
Describe what led you to know that you were infected....and what steps you have taken since.
 
Kind Regards,
 
Brian

1 more replies
Relevance 74.62%

Junkware Removal Tool has consistnelty removed these from my Firefox user.prefs:
 
[File] C:\Users\...\AppData\Roaming\mozilla\firefox\profiles\...default\extensions\browserprotect@browserprotect.com.xpi
 
Successfully deleted the following from C:\Users\...default\prefs.js
user_pref("browser.search.useDBForOrder", true);
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"pr
user_pref("browser.urlbar.maxRichResults", 5);
user_pref("extensions.SortCustomizationDialog.existingButtons", "{\"navigator-toolbox\":[\"wrapper-tphistorydropdown\",\"wrapper-FoxLingo-Galician\",\"wrapper-FoxLingo-Latin\"
user_pref("extensions.fontfinder@bendodson.com.contextmenu", false);
user_pref("extensions.fontfinder@bendodson.com.currentVersion", "1.1.1");
user_pref("extensions.getAddons.maxResults", 10);
user_pref("foxlingo.cm_toggle_all", false);
 
Why does it do this? I can understand it is impossible to tune for every possible Firefox add-on. Still, it is clearly removing things which are not problems.
 

Answer:Junkware Removal Tool - why does it remove non-malware Firefox settings?

They are false positives. I'll whitelist those in the next version. Thanks for bringing it to my attention

1 more replies
Relevance 74.62%

Please help me How to Remove  Virus,Trojan and Malware on my computer.

 

Answer:How to Remove Virus, Trojan, Spyware, and Malware Removal Logs

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully.First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.     HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.    Scan with FRST in normal modePlease download Farbar's Recovery Scan Tool to you... Read more

2 more replies
Relevance 74.62%

What is Palladium Pro Malware

Palladium Pro Malware is a fake system software that is considered as a Rogue. Rogues are malicious programs that hackers use to trick users by displaying false threats and problems that it claims to have detected. In reality, none of the issues are real and are only used to convince the user into buying their software and stealing their personal financial information
Am I infected?

This are some screenshots of this rogue.

Removal Instructions
(If you experience any problems completing these instructions, please start a new thread here)

1. Restart your computer. As soon as your computer turns on, tap F8 until you reach the Advance Boot Menu. Use the arrow keys and select Safe Mode with Networking .

2.Download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3
Save it to your Desktop.
Double click the RKill desktop icon.
It will quickly run and launch a log. If it does not launch a log, try another download link until it does.
(This tools will kill the rogue's process temporarily. As a result, act quickly and move on to the next step.)

3. Download Malwarebytes' Anti-Malware to your desktop.

Double-click Malwarebytes Anti-Malware-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
Update Malwarebytes' Anti-Malware
and Launch Malwarebytes' Anti-Malware

then click Finish.
If an update is found, it will download and install the latest ... Read more

More replies
Relevance 72.98%

After removing the "XP Internet Security 2010" adware from a friend's laptop, I am unable to connect to the internet on it. It connects to both his LAN and my LAN and shares files on a Windows network. However, both Mozilla and IE will not load any pages. I used Malwarebytes' Anti-Malware and "FixReg.exe" to remove the adware, per the recommendation of a BleepingComputer.com article (http://www.bleepingcomputer.com/virus-removal/remove-antivirus-vista-2010)

I did my best to do adequate research before begging for all of your help. I learned that malware can corrupt the Winsock stack and that repairing that can restore internet access. I followed the instructions from the Microsoft Knowledge base to do this and it didn't help. I also downloaded and ran several repair utilities that claimed to do the same task automatically. Still no internet. I ran a netdiag /test:winsock command and it returned successful, so I determined that my winsock is not the issue.

What else could be preventing me from accessing the internet?

Thanks so much,
Sam

Answer:LAN but no Internet after malware removal

Turn off computer. Disconnect router, and modem from power source for 30 seconds.Power them back on.Restart computer.If that doesn't work, bypass router, and connect computer straight to the modem.If that doesn't work...Go Start>Run (Start search in Vista), type in:cmdClick OK (in Vista, while holding CTRL, and SHIFT, press Enter).In Command Prompt window, type in following commands, and hit Enter after each one:ipconfig /flushdnsipconfig /registerdnsipconfig /releaseipconfig /renewRestart computer.If that doesn't work...Go Start>Run (Start search in Vista), type in:cmdClick OK (in Vista, while holding CTRL, and SHIFT, press Enter).At Command Prompt, type in:netsh int ip reset reset.logHit Enter.Type in:netsh winsock reset catalogHit Enter.Restart computer.If that doesn't work...Download, install, and run WinSockFix: http://www.softpedia.com/get/Tweak/Network...inSockFix.shtml (doesn't work in Vista)Restart computer, and check again.If that doesn't work...Download Dial-A-Fix (DAF) (doesn't work in Vista):http://wiki.lunarsoft.net/wiki/Dial-a-fix#...2C_and_articlesHave XP CD available in case DAF needs a file. Likely not!Check all boxes on the screen (clear any restrictions if it shows any)Then click GO!When the entire page is finished click the HammerHead at bottom to go to the second DAF page.Here, one at a time, do the below:Reinstall BITSReinstall Windows FirewallRepair PermissionsReset networkingWatch for any File not found or other errors and make note as t... Read more

15 more replies
Relevance 72.98%

Hi there,

I had problems with the Win 7 Virus malware, as well as the Google redirect virus. I removed using MalwareBytes and a Microsoft download, and now all Malware scans are clear. However, I cannot connect to the internet. The wireless signal is strong, however it will not grant me internet access. Any help or advice that you could give me would be most appreciated, as I am crippled without my laptop.

Thanks a lot!

Answer:No internet after Malware removal

Can you post the logs from Malwarebytes?

14 more replies
Relevance 72.98%

After running several anti-malware programs (AVG, Malware Bytes, rootkit remover, and TDSS Killer), I can no longer connect to the internet. Network Connections says that my Wireless Network Connection is "Connected", but none of my browsers or programs can connect. My Operating System is Microsoft Windows XP Professional (5.1, Build 2600).
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by JJ at 14:17:49 on 2012-05-16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.943 [GMT -4:00]
.
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Carbonite\Carbonite Backup\carbo... Read more

Answer:No internet after Malware Removal

Hello, TokyoRose.My name is etavares and I will be helping you with this log.Here are some guidelines to ensure we are able to get your machine back under your control.Please do not run any unsupervised scans, fixes, etc. We can work against each other and end up in a worse place.Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.Please reply within 3 days to be fair to other people asking for help.When in doubt, please stop and ask first. There's no harm in asking questions!Looking over your logs, there is a patched internet file and an error in the entry. WHat virus did you remove? To ensure it is completely gone, we will start with Combofix.Viewpoint (foistware) Warning"I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player's components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting Disable auto-updating for the Viewpoint Manager -- the player will no longer attempt to check for updates.... Read more

2 more replies
Relevance 72.98%

I got attacked by some malware, I can't remember the exact name of it, but it was through one of those ads for a fake Virus Removal programs I clicked on accident.

I removed it using two different programs (MBAM, and Super Anti-spyware), and I am sure that it has been completely removed. However for the short time it was on my computer it deleted some of my drivers including the ones for my wireless adapter. I reinstalled and now it can connect to the network, but it won't send or receive packets.

Any tips/suggestions?
 

Answer:Cannot use internet following malware removal

9 more replies
Relevance 72.98%

After installing and successfully using Malewarebytes. I do not have internet access to the browsers. Computer is connected to the wifi but no internet access. Please help. Help be happy to donate for a solution. Thank you
 

Answer:No internet after Malware removal

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

17 more replies
Relevance 72.98%

I have scanned with AVG with the latest updates. On top of that insidious google redirect I get random pop ups even when I don't already have IE or Firefox running. Also getting sounds in the background like I'm clicking on a link, surfing the net when I'm not. And SYSTEM in task manager is hogging a ton of memory.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 11:52:42 PM, on 8/7/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exeC:\... Read more

Answer:persistent malware undetected by virus scans and malware removal tools

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OT... Read more

2 more replies
Relevance 72.98%

Hi,

I am the IT manager in my company.

I have a co-worker, his computer has search redirect issue. That means most likely it has malware.
Then i installed some major malware removal: Spybot Search & Destroy, SUPERAntiSpyware, Malwarebytes

After i installed them, i cannot launch them(That definitely means it has some kind of malwares)
I needed to rename their .exe files, after i can run them and scan my computer.

SUPERAntiSpyware, Malwarebytes found something, but didn't solve the problem, search redirect and
blocking malware removal software are still there. Now i am running Spybot Search & Destroy will see what happened.

By the way, i run them in safe mode because when i logon window to normal mode, it is slow (like it takes a long time to explore hard drive, etc). I suspect the malware slow down my pc. hopefully not registry corrupted or something, but works smoothly in safe mode.

So you guys have any suggestions? or you need a log file from combofix?

Please advise,
Tommy

Answer:malware: google yahoo redirect and can't launch malware removal software

Try this:http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller

5 more replies
Relevance 72.57%

I did a hijackthis scan and here's what I got:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:18:17 PM, on 4/20/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\SYSTEM32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\WINDOWS\System32\DVDRAMSV.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exeC:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exeC:\WINDOWS\System32\00THotkey.exeC:\WINDOWS\system32\TFNF5.exeC:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exeC:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynT... Read more

Answer:Malware Blocking Acess to Spybot, Microsoft Malicious Removal Tool and other anti-malware programs

Hey guys I solved my own problem. I completely reinstalled windows. (It was about that time anyway)

2 more replies
Relevance 72.57%

I was surfing the web today and I believe I clicked on a pop up by mistake when I shouldn't have. Avira then blew up with Malware alerts and I knew I had a problem...

I did a virus scan and it removed the detections found but when I did a restart they were back again. Also, the virus seems to move itself around to other .exe files. I found it had infected moviemaker.exe so I manually deleted the file as I don't need it but as soon as I emptied my recycle bin the moviemaker.exe file returned back to its original folder.

I'm afraid something really nasty has infected me. Avira is detecting it as a W32/Infector.Gen2 and Maleware Bytes is detecting 2 Malware.Packer.Gen files.

I went through the Read Me First steps on this site and preformed everything it asked. However, I was unable to uninstall my previous JAVA (ver 19) and was not able to install the newest version of JAVA. Both gave me errors that the installation program wasn't working.

I'm attaching the logs here. Can anyone help me get rid of whatever is infecting my machine? I would really appreciate the help!
 

Answer:HELP-Requested Malware Removal (Infector.Gen2 / Malware Pacger Gen)

Here is the 5th log.
 

6 more replies
Relevance 72.16%

I removed a malware and eversince, i am not able to connect to the internet. I tried everything described in the internet to get connectivity back nut not successful. Can you please help.

Below is the results from running MTB and Farbar.

MTB results:

____________________________

MiniToolBox by Farbar Version: 15-07-2012
Ran by pearl (administrator) on 15-07-2012 at 18:04:19
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : pearl-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-... Read more

Answer:No internet connection after malware removal, please help

13 more replies
Relevance 72.16%

Hi,On 8/6, my desktop was infected with trojan called rogue"Personal anti-virus". I downloaded the "malwarebytes anti-malware" and managed to remove the malware from the PC.However, after removing the malware, the internet connection became limited in connectivity. [Note - I didnt know that I had to scan the PC in safe mode.]I had since uninstalled the "malwarebytes anti-malware" software. I called up the ISP yesterday and we worked through the "long" exercises- ip config, netsh ip int reset resetlog, pinging, etc. The ISP guy said the problem lies with the PC, and not the internet connection by ISP.[*** I have been able to connect my Notebook using the same cable modem- I can connect to Internet using my Notebook, but not the PC....] I am not good in IT related stuff. Appreciate if someone can assist me. I hv tried everything, including reinstalling the network drivers, uninstalling anti-virus programs and firewalls. Still the connection is not working --> the internet connection icon is on, but no signals of data received/transferred....] Is my PC still infected? I could not go online with my current PC. Please help!Thank you for reading this!EDIT: Seeing how you cannot wait for a few hours for a response, I removed your HJT log so you can continue here. You cannot have both at onceBesides, there was no log present in you other post, as required

Answer:Cant connect to Internet after removal of malware

Log on as an administrator, go Start > Run and type: "cmd". In the window that appears type: "netsh winsock reset". When the program is finished, you will receive the message: "Successfully reset the Winsock Catalog. You must restart the machine in order to complete the reset." Close the command box and reboot your computer.Go Start > Run > type: "cmd" In the window that appears type: "ipconfig /flushdns". Close the command box.Go Start > Control Panel > Network Connections. Right click on your default connection, usually Local Area Connection or Dial-up Connection if you are using Dial-up, and and choose Properties. Double-click on the Internet Protocol (TCP/IP) item. Select the radio button that says "Obtain DNS servers automatically". Reboot. Warning: Some Internet Service Providers need specific DNS settings. You need to make sure that you know if such DNS settings are required before you make this change.

35 more replies
Relevance 72.16%

Good evening.

For the past couple of days I was attempting to eliminate the nasty Google redirect virus that was beginning to become quite a nuisance. After trying a few things I eventually found the program Kaspersky TDSSKiller and gave it a quick run, 'cured' every issue that come up and rebooted the computer as instructed. However, as I went to open firefox to check google, I was informed that I no longer had any internet connection.

After much experimenting I am pretty sure by now that this is because something has been wiped from my registry. I have tried to restore the computer to an earlier checkpoint and have had no luck.

I have completely run out of ideas and am not sure where to go from here. Any help would be much appreciated. Just let me know what information or logs to post if needed.

Thanks in advance.

Answer:[SOLVED] No internet after malware removal

More then likely you are still infected.But First Go to Start/Run and type devmgmt.msc and press enter. In the Device Manager do you see any yellow marks? If so, then these device need to have drivers installed. Go to your computers Support/Download Drivers site. Type in your make and model # and download the Network Adapter driver for your make and model computer.

6 more replies
Relevance 72.16%

Hi
I had some serious virus problem after stupidly opening a link I got from a friend via facebook. Yes, i should have known better. :-o
I started getting false security risk alarms which lead me to download Virus Response Lab2009. After realizing those fake alerts are the problem, I downloaded and ran SpyHunter. This seem to have cleared the false security-risk pop ups.
However, then I started having problems when using the internet. When I searched something on google and clicked on a link that turned up as result, it would lead me to a completely different, irrelevant webistes! I researched and found that was some sort of malware. I downloaded anti-malware software from malwarebytes.org. The malware scan turned up 60something infected files which I removed.

And now, I have absolutely no internet connection with the computer. I am currently using another computer which is conneted to the same internet router and is working just fine so I am suspecting this internet problem is only with this one particular computer.

HELP!!!:cry
 

Answer:Lost internet after malware removal

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide

Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.

 

1 more replies
Relevance 72.16%

Hi i had downloaded a program that i believed to be infected and when i deleted it, my internet stopped working. the connection is fine and my laptop connects fine. it shows its connected but it wont load any webpage. my anti virus wont even open. internet explorer wont even open either.

Answer:Cannot connect to internet after malware removal?

You can try resetting Winsock and TCP/IP
 
For Windows 7 type CMD in the Search box and Right Click Run As Administrator
For Windows 8 or higher press the Windows key + X > As admin
 
At the command prompt type the following and <enter> after each command

netsh winsock reset
netsh int ip reset c:\resetlog.txt
Reboot and see if you can connect.

9 more replies
Relevance 72.16%

I tried to clean up the Malware before coming here. I used several of these programs before coming here and following the read me. Root repeal will not install so I don't have alog from it.
 

Answer:Malware Removal, now no Internet connection

Welcome to Major Geeks!

I'm not seeing any malware in your logs. I do see that you do not have DHCP enabled and that will prevent your network from getting setup. You need to reenable DHCP to properly acquire an IP address and other network settings from your router.

If you don't know how to do this, see the below:

http://www.ehow.com/how_5072525_enable-dhcp-windows-xp.html
 

1 more replies
Relevance 72.16%

Hi. Rather strange problem. Acer Aspire 1 netbook, running Windows XP.

I removed what I thought was a fairly simple bit of malware from a client's pc.

Now I can't seem to access the internet from any installed browsers. The weird part? I CAN still access the internet from any browser installed on a USB drive.

I'm thinking registry issue, possibly due to the malware. Any thoughts?

Thanks in advance.

More replies
Relevance 72.16%

Hi!

After using the malware cleaning software the internet stopped working (it only worked intermittently before anyway). I tried various methods to resolve the internet problem but came up blank. I then saw your website and tried some of the methods suggested here (FSS, FRST, TFC) but again to no avail. Another site recommended MiniToolBox, AviraDNSRepair, Microsoft Fixit for Host Reset, and Rizonesoft's Complete Internet Repair. Still no internet!

I'm hoping you can help.

Thanks in advance for any reply,

Gav
 

Answer:No internet after using malware removal software

Hi,

Before we begin, I want you to have this in mind:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like ever... Read more

48 more replies
Relevance 72.16%

I recently (2/8/17) ran malware removal software on my computer and have, since doing so, have not been able to access the internet despite the computer showing I am connected to my home network. I have tried searching the internet on another computer to find a solution but have been fruitless.

I ran Malwarebytes, SUPERAntiSpyware, and CCleaner, as well as updated my computer.

If you could help me solve this issue I would greatly appreciate the help!

Thank you!
 

More replies
Relevance 72.16%

Greetings:

Thanks to all who help out in this place!

I am working on a friend's laptop. She indicated that she had gotten a windows popup window saying that she was infected and had clicked "ok" only to realize that when windows challenged her that she backed out. Afterwards she indicated that she wasn't able to access the internet.

Following your " READ & RUN ME FIRST Malware Removal Guide (incl. spyware, virus, trojan, hijacker) " sticky I've been able to seemingly recover the system (I'm able to get to Users to create an administrative account now, get to "system restore", etc.) though I didn't keep a specific record of each step of the process. Her McAfee has shown back up, but I can't seem to completely diable it to run ComboFix. I've killed all but the mcshield process through the task manager, but don't see any way to close/kill it.

I was unable to remove Wild Tangent from the Add/remove program list. MalwareBytes was unable to update due to no internet connectivity, but it found and removed a number of infections. I've also installed/run SuperAntiSpyware, security360, CCleaner, ComboFix (with the McAfee warning due to its staying on), Defogger.

I went into networking help and they suggested that due to the insidious nature of malware/virus/trojans that possibly I had missed something and that I should come here.

Any suggestions on next steps would be greatly appre... Read more

Answer:No internet access after Malware removal

I just uncovered my first Combofix log, but the system won't allow me to attach it. I'll rename log.txt and try again. Nope, it won't take. If you need it, let me know.
 

7 more replies
Relevance 72.16%

Hello and thanks already for the opportunity to post my first question.:confused. I am helping a friend with her OLD computer (OS is XP - DELL Inspiron 500 series - Bios Version A08 - 1,40 GHz CPU Intel 855GM/855GME - RAM 256 MB) after BSoD problems. From a previous scan (Avast) when pc worked there were WARMS infection. The pc has had irregular and complex start up patterns which began for months with black screens with fault meldings and shutdowns and start problems and ended up last week or so with BSoD.

Luckily i was successful, after long troubleshooting and letting the pc rest, to boot up Windows. So i looked immediately in Device Manager, to see a Yellow Triangle on the CPU and a a yellow Exclamation Mark on the PCI-Networkcard (drivers/ hardware issue i thought). But then the PC shut out so i couldnt troubleshoot these devices. (My friend said that that triangle on the processor sit there already 1 1/2 year but she did not understand what does it mean and therefore did not do anything about it:cry).

I made a troubleshoot plan, when or if i get him to start again, and i thought i have FIRST to clear the system from all malware and boot from Safe Mode WITH NETWORK. But when i finally had success to boot again and got in Safe Mode I thought I go one more time to the device manager because the first time i could'nt click on the CPU and PCI. Windows opened in Safe Mode but because the PC VERY SLOW, The PC went out again. And after that i tried all options on... Read more

Answer:Malware removal without connection to internet

You do not have to be connected to the internet to run scans. You can download them to one computer, save the .exe file that you downloaded to a CD or USB flash drive, and install it from the disk to the infected computer. Then you just run your scans.

A lot of times that is the only option, in fact.
 

14 more replies
Relevance 72.16%

Having downloaded the new MSN toolbar we caught the antivirus 2009. Having run the malwarebytes to get rid of this I now cannot get connected to the internet.
I have been on the phone to my internet provider who tells me that there is nthing wrong with my broadband connection as the two other wireless computers are working ok so it must be a firewall in the problem computer which is to blame.
I have McAfee and have run several scans which tell me that there is nothing wrong. I have disabled mcafee and tried to reinstall the broadband with the suplier, but it's still not working.
If anyone can help, that would be great.
 

Answer:no internet connection after malware removal

Welcome to Major Geeks!


Moved your thread from networking to malware as I feel as if you still may have some components of antivirus 2009 or other payloads it may have downloaded with itself, so please to rule out any malware still being the cause of your connection issues, run the below guide and when finished attach the requested and saved logs.



Please follow the instructions in the below link and attach the requested logs when you finish these instructions.


READ & RUN ME FIRST. Malware Removal Guide


If something does not run, write down the info to explain to us later but keep on going.

Do not assume that because one step does not work that they all will not.
Notes:

If you run into problems trying to run theREAD & RUN ME or any of the scans in normal boot mode. You can run steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.

 

16 more replies
Relevance 72.16%

Hi there,

I recently had a virus(es) on my laptop that redirected my google searches and filled up my screen with fake security alerts, fake windows updates, and porn sites. As all of this was going on, my wireless stopped working, so I have assumed the virus is at fault here too. At any rate, I managed to download Malwarebytes on my desktop computer and transfer it over to my laptop in safe mode. It found and successfully removed 11 items, including "Trojan.Fraudpack," "Rogue.AntivirusSuite," and "Adware.MyWebSearch." The google redirects, fake security alerts, fake windows updates, and porn sites have all stopped, but I still cannot connect to the web - wirelessly or wired. I've tried uninstalling and reinstalling the drivers, but this didn't help at all. When I try to connect wirelessly, it says "Unknown authentication status" and the signal quality fluctuates from excellent to out of range. I can "see" my wireless connection as well as several others, but I can't connect to any. I've been going at this alone, so I hope I haven't messed something up. I could really use some guidance... Thanks in advance.
 

Answer:Can't connect to internet after malware removal

16 more replies
Relevance 72.16%

Hi there,
I recently followed to the best of my ability the remove malware guide on this forum after I seemed to pick up some bad bits and pieces which were making internet explorer pop up randomly with ads and I was alerted to a heap of blocked intrusions by zone alarm..

The programs in that thread found a lit if Trojans and things so I figure I caught whatever was on the system, however now my internet won't work, I think maybe I've left a setting undone somewhere along the way??

When I open firefox I get a popup alert from zone alarm saying it is blocking an outbound connection or something.. My firewalls are all set to the highest level, am I somehow blocking myself now from using the Internet?

Can anyone help me, I have no idea wat I'm doing -oh dear- abs using the Internet on my phone to type this is a very long and tedious task.. LOL!!!
 

Answer:Internet blocked after malware removal

Disable or remove Zone Alarm and see if that takes care of the issue.
 

1 more replies
Relevance 72.16%

My computer was badly infected with all sorts of malware and spyware. I used MalawareBytes and Combo Force to remove them and apparently got rid of all annoying popups, DLL error messages, and than used System Mechanic to fix all Registry problems. AFter doing so my internet stopped working at all. I used WinsockxpFix to fix the DNS and it started working again. I downloaded and installed AVG Full Version. but since than my Internet is really slow. I have a 8MB broadband connection and Google takes a few seconds to open. Youtube doesnt load any videos at all. So yeah the speed is worst than Dialup.

Here's my HJT Log. Please have a look and advise me of a solution. I'll be very greatfull for all the help i can get. Thanks.

HJT LOG
======
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:11:00, on 18/01/2009
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe... Read more

Answer:Very slow Internet after Malware Removal - PLEASE HELP!

Hi Welcome to TSG!!
You didn't get rid of the malware and may have caused irreparable damage to the registry but we can try...
Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

With malware infections being as they are today, it's strongly recommended to have the Windows Recovery Console pre-installed on your machine before doing any malware removal.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
Go to Microsoft's website => http://support.microsoft.com/kb/310994

Select the download that's appropriate for your Operating System


Download the file & save it as it's originally named.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

Please note once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall.

Drag the setup package onto ComboFix.exe and drop it.

Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Con... Read more

1 more replies
Relevance 72.16%

Please see attached FRST log and hopefully you can help me solve this issue.
 

More replies
Relevance 72.16%

I was trying to install a software. But it contained heavy viruses. My whole laptop had been infected with malware. I ran malwarebytes to remove it but it didnt fix my laptop completely. I then used Norton Power Eraser. It found some more threats and cleared everything but now I am not able to access internet. Neither, google chrome nor internet explorer is working. Please help. It is urgent.

Answer:No internet access after malware removal

I had this problem once, I am quite sure you go into chrome settings>advanced settings>Network/change proxy settings>connections>lan settings and uncheck the box to use a proxy server if its checked. 

3 more replies
Relevance 72.16%

I recently (about a week ago) had adware on my computer. I am not sure where it came from but that's not the point. I had it completed wiped the malware out today and now the internet connection is not working for my the used to be infected computer.
 

Answer:Internet Not working after malware removal

I meant adware sorry...
 

6 more replies
Relevance 72.16%

I deleted a malware from my computer, now I can not connect to the internet. Neither wired or wireless. I also can not do a system restore. I have done the windsock repair which also didn't fix the problem. Please help.
 

Answer:can not connect to internet after malware removal

You may not have removed all the malware. Please follow these instructions:

READ & RUN ME FIRST. Malware Removal Guide
 

41 more replies
Relevance 72.16%

I mistakingly posted on the wrong forum before this...I am very sorry for that~~ I was advised to post here where it should have been~ I hope I haven't offended anyone by doing this~ I need your help~Yesterday I had a malware infection that was making pop-ups for virus removal. I used this think to clean it http://www.bleepingcomputer.com/forums/t/108399/how-to-remove-antivirgear-removal-instructions/. It removed the pop up but now I can no longer access the internet through any IE forums. My Firefox and Netscape do work. I tried to continue with your instructions for malware removal by using Panda..but it's not supported on these browsers. When my EZ antivirus tries to access it , it's told there is limited internet connection so my email part of the anti virus does not work either. Where I wrongly posted I was told to fix my WinSock...I did and that didn't help either. Is there anything else I can do before tossing it out the window?Thanks so much for your time and the patience you will need to help me : )I have a hijack this log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:07:30 PM, on 9/21/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\sy... Read more

Answer:Malware Removal And No Internet Connection

Hi robang13,

If you still need help please post a fresh HijackThis log and I'll be happy to look at it for you.

Thanks for your patience.

9 more replies
Relevance 72.16%

Hi guys,

I created a new page: http://www.selectrealsecurity.com/fix-internet-connection/

You may experience Internet connection problems after you remove malicious software. When you try to connect to the Internet, you may receive one of the following error messages:Click to expand...

I would appreciate any feedback.
 

Answer:Fix Internet Connection after Malware Removal

RE: [New] Fix Internet Connection after Malware Removal

I found Windows 7 does a good job with automatic troubleshooting. Right click the network icon bottom right and utilize the troubleshoot problems or your could also get acquainted with the ipconfig as well
 

11 more replies
Relevance 72.16%

I can not connect wired or wireless. I tried windsock repair. Please help. Lost 2 days of work already.
 

More replies
Relevance 72.16%

i tried to download some movies from kickass.to but some warning thing keeps comin up then i found 1 site says download the kickass.to as app then i did and after i installed it i was wonderin why nothin else came up then suddenly some random browsers ive never downloaded comes up, then found few more apps been downloaded but i deleted then and so i downloaded the anti-malware and payed for premium just to get rid of the malware then it did but now my desktop wont connect to browsers, online games etc but theres internet comin in and alot of error keeps comin up about c:\windows\system32\Rhouja.dll missing or something. i have no clue what to do because this never happened to me before, help pls
 

Answer:Malware removal loss internet

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

10 more replies
Relevance 72.16%

After ridding myself of a virus that was redirecting my browser and creating popups, I am unable to connect to the internet.  I have followed the guide at SelectRealSecurity.com to "Fix Internet Connection after Malware Removal" with no success.  My computer's Network and Sharing Center says I have an internet connection but my browser do not connect, no do other programs that use an internet connection.  I connect just fine to the other computers on my network.  I have tried to restore the computer to an earlier time, but it does not complete successfully.  Any help or direction would be appreciated.
 

Answer:No Internet Connection After Malware Removal

Hi,
If you believe your machine is clean, we can proceed with fixing..
First, let us know your system config like os ver., n/w adapter and other details.
What do you observe when you : open a command prompt > type in ' IPCONFIG /ALL ' > hit enter key? Post them back.
Download and execute minitool box from http://www.bleepingcomputer.com/download/minitoolbox/ and checkmark the boxes/options:
Flush DNS
Report IE proxy settings
Report firefox proxy settings
List content of hosts
List IP configuration
List winsock entries
List the last 10 event viewer errors
List of installed programs
List devices
.
After execution, Farbar MiniToolBox will provide you with a detailed report (result.txt). Post back its contents.
.
Download and run FSS from http://www.bleepingcomputer.com/download/farbar-service-scanner/
Checkmark all options > scan > copy the contents of the log to your reply.
.
For running tools, right click on the tool > Run as administrator.
.
Is your modem(+router) okay?

14 more replies
Relevance 72.16%

Hello All and thanks for the Help,

I recently got a trojan virus while browsing on the web. I removed it with no problems after using Malwarebytes. Since removing the virus though my internet is doing strange things. For example I can go on web pages in Firefox fine and download things fine, but when I open up steam the store says unable to connect to the internet. I can go on steam and play a game on multi player but the steam program its self wont open up its pages. I am also having this problem with WoW. I can play WoW fine, but the launcher does not show me any information when I open WoW, all I can do is hit play. I have a feeling I have some setting on that shouldn't be and it is probably an easy fix, I just can't figure it out.

Thanks for any assistance with this,

Tony
 

Answer:Internet Issue after Malware Removal

bump! thanks for any guidance.
 

2 more replies
Relevance 71.75%

Hi
I test many souloution but I didn't get result .
my Antiviruse don't work and I uninstall it .
my task manager , regedit , msconfig disable and I cann't run
computer in safe mode .
I read and execute commands of "READ & RUN ME FIRST Before Asking forupport" post but
1. I cannot execute Msconfig in Run box when I execute it
windowes give a error message .
2. I download ComboFix but it dose not work on my OS .(messaeg
error:ComboFix.exe has encountred a problem and need to close ...
3 I change "Don't show hidden file and folders " in folder option
to "show hidden file and folders " but after ok it return to befor
setting .
My computer to be unusable !!!!!!!! please
help me .
best regards
 

Answer:My computer to be unusable! by Malware

Welcome to Major Geeks!





ashkan190 said:





1. I cannot execute Msconfig in Run box when I execute it windowes give a error message .Click to expand...

Did you try after running the cleaning procedure?





ashkan190 said:





2. I download ComboFix but it dose not work on my OSClick to expand...

Not true. ComboFix works fine with your OS. Try it again in safe boot mode.

Are you filtering anything from being displayed with HijackThis? Your log looks way too small which would indicate you are filtering information which you must not do or we will not be able to fix your problems.

First please run this Resetting Registry and File Permissions Make sure you reboot as requested.

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [RRT-Auto] C:\Documents and Settings\Administrator\Desktop\RRT\RRT.exe auto
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Inter... Read more

8 more replies
Relevance 71.75%

Hi,

I seemed to have picked up something. The computer is unusable (except in safe mode) due to being extremely slow, things unable to be opened, rebooting etc. It also seems to prevent Avast from being opened.

It is a Toshiba laptop, running Windows 7.

I have run the scans as below.

Any help would be extremely appreciated.

Thanks

Kevin

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:15:27 AM, on 11/10/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode
Running processes:
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9... Read more

Answer:Computer unusable - seems to be malware

I have managed to log on using a clean boot. I also tested by reactivating half of the services and then noticed that when it logged in Avast had been deactivated automatically.

I have now run HJT from within the clean boot rather than safe mode.

Logs below.

Thanks for any help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:50:17 AM, on 12/10/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Users\Kevin\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x... Read more

1 more replies
Relevance 71.75%

Please find attached the logs from the scans in the Windows XP Cleaning Procedures. I followed the Cleaning Procedures but still have a problem. The problems can be pinpointed to yesterday when I surfed to a web site without having an up-to-date Anti-Virus definition files. Before I knew it, I had an infected machine.
There seems to be 2 problems.

(1) After restarting the computer, Windows File Protection gives following message.

Windows File Protection
Files that are required for Windows to run properly have been replaced by unrecognized versions. To maintain system stability, Windows must restore the original versions of these files. Insert your Windows XP Profession CD2 now.

I have Dell OEM Windows XP Media Center 2005 installed on my Dell Dimension 5150/E510. Problem is, Dell has a Windows XP re-installation CD but Dell states there is no 'CD2'.

(2) I keep getting pop ups every time Internet Explorer is open. The pop ups occur on their own.

Hopeful you can help me to fix the problem. :confused
Thanks,
Ankur

p.s. Please note, the AVG Anti-spyware log is not attached because it was not generated by the tool. I scanned my computer using Trend Micro (after updating virus definition files) and I can provide the logs if you need.
 

Answer:Malware problem not fixed with Malware Removal instructions

Welcome to Major Geeks!

Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Uninstall the below old versions of software:
Java 2 Runtime Environment, SE v1.4.2_03

Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

F3 - REG:win.ini: load=C:\WINDOWS\system32\mlljg.exe
O2 - BHO: (no name) - {3F7BDD0B-0462-4F19-8B87-54D83601B87C} - C:\WINDOWS\system32\mlljg.dll
O2 - BHO: (no name) - {B8AFD866-6B8B-490E-DA2E-39E671810F96} - C:\WINDOWS\system32\mknamps.dll (file missing)
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime

After clicking Fix, exit HJT.


Now download The Avenger by Swandog46, and save it to your Desktop.

Extract avenger.exe from the Zip file and save it to your desktop
Run avenger.exe by double-clicking on it.
Check the 'Input script manually' box.
Click on the magnifying glass icon.
Copy everything in the Quote box below, and paste it in the box that opens:




Files to delete:
C:\WINDOWS\system32\ctfmon .exe
C:\WINDOWS\system32\mlljg.exe
C:\WINDOWS\system3... Read more

9 more replies
Relevance 71.75%

Dell m1330 Vista home premium. I have malware isses, frequent memory dumps, google redirection and something is preventing me from running or installing anti-malware programs. I had to install malwarebytes using the rename method, but the program will not run in safe mode or normal. I had spybot previously installed but I was also prevented from opening, so I tried reinstalling, but before it can complete the installation I get the blue screen of death memory dump! Before reading the procedure I ran coolweb, kill2me, windows defender and windows malicious software tool. None of the programs found anything. I also perfomed a couple system restores, but both failed.

Should I continue with the cleaning procedure (combofix), or does anyone know how I can get malwarebytes and spybot to run?
 

Answer:Trying to follow malware removal procedure, but malware is preventing me?

Here's my MGtools log, it was the only program that worked.
 

4 more replies
Relevance 71.75%

Four steps that will keep your PC happy, healthy, and crap-free

Malware sucks. In the best-case scenario, it craps up your system with unwanted files and occasionally makes itself known in the form of a persistent pop-up window or annoying browser-based toolbar. In the worst-case scenario, malware completely takes over your desktop or laptop and ruins your life.

Your system slows to a crawl. You can’t even boot into Windows in the time it takes you to walk to the kitchen and back. Your data gets sent off to a faraway Internet land or, worse, your actual keystrokes are recorded for some unsavory individual to see. Malware locks down your browser, making you unable to actually do any browsing without being carted off to some bogus domain. You can barely run a program in Windows without getting bombarded by fake advertisements, programs, and dancing people on your desktop.

We can’t make this stuff up.

So what’s a computer enthusiast to do? Step zero: Read this guide, because we’re going to walk you through all the key details you need to know to both rid your computer of this junk and keep it free of downloaded nasties forevermore.



Read more at:
Maximum PC | Malware Removal Guide 2011: How to Get Rid of All The Latest Malware

Answer:Malware Removal Guide 2011: How to Get Rid of All The Latest Malware

Most excellent reading, thanks for posting for all to see, I , myself, use most all of these myself, the only paid program i have is malwarebytes, the rest are free add ons or are free programs . Thanks.

5 more replies
Relevance 71.75%

Hi. I am trying to diagnose a problematic laptop for a friend. I don't know the details of what happened to cause the problems. The main problem I can detect is that the laptop is EXTREMELY slow. It seems like anything I try has a delayed response (even a simple mouse click). I followed the Malware Removal Guide, but was only able to run two of the five suggested tools as follows:

1) SUPERAntiSpyware - I ran this after manually updating the definition files on the version already installed and the scan found nothing.

2) Malwarebytes Anti-Malware - I was not able to update the definition files for the current version installed. After several attempts to uninstall this (via the Control Panel), I was able to do it via CCleaner. However, I was not able to re-install a more recent version due to problems with the Windows Installer service. After uninstalling an outdated version of Java (Update 14) via the Control Panel, I have not been able to install/uninstall any more programs.

2) combofix.exe - not compatible with 64-bit OS

3) RootRepeal - did not run on 64-bit OS

4) MGtools - did run; kept getting errors, but continued to completion

Attached are the SUPERAntiSpyware and MGTools logs:
 

Answer:Possible Malware preventing me from running malware removal tools

I am not seeing any malware in those logs. I do not know why MalwareBytes would not run, are you able to run it in safe mode? How does the PC behave when you use safe mode?

More than likely I think I will be sending you off to the software forum.

We can do this:

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:



O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsM... Read more

5 more replies
Relevance 71.75%

Had a machine in riddle with viruses which we duly cleaned up and removed without incident. Uninstalled the applications one at a time, restarting each time it was required and all was good.

After removing the last app (dont ask me which one it was I cant rememebr) the machine no longer starts.

It's boot cycling but once we disable automatic restart on system failure it brings up a STOP 24 error.

Have booted to puppy linux and examined the hard drive (which is SATA btw) and the data seems intact so we can assume, physically at least, that the drive is good.

Booting to an XP CD and attempting to access the recovery console to run chkdsk /r and it appears the drive is either not detected or is empty (the latter we know not to be the case)

Boot to an X CD to attempt a repair install and it tells me there is no hard drive present.

Check the BIOS and the drive is detected properly. swap the hard drive for a SATA CD and it detects the CD without issue which makes me thing the SATA controller must be functioning too.

Now it seems that the this single disk system has some kind of RAID configured on it according to the boot screens. My next step would be to remove the RAID but I'm concerned it might format the drive. Is this likely? It has an ASUS A8R-MX/S motherboard but the info I get from their site is a little vague.

Am I on the right track with the RAID thing or way off base, help me folks its driving me nuts.
 

More replies
Relevance 71.75%

Hi, i got infected because i was triying to run malwarebytes and it skip the part of analising the files, it ended in arount 1 minute in a full scan, and i tried to download dr web cure it, and it dont allow me, the computer seems fine, but those things are very strange, and when i was running the scan i was in safe mode...
 
thanks for the help

Answer:Malware infected, malware removal tools useless

Greetings samidelcueva and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.If you would allow me to call you by your first name I would prefer to do that.===================================================Ground Rules:First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter pro... Read more

0 more replies
Relevance 71.34%

Hi you all,

few days ago I've remove malware from my computer, and since than my internet explorer and google chrome is not connecting to the internet, I can not update my antyvirus software because it is having problem connecting to the update server, however when I am using firefox websites are running ok.

Could you advice how to diagnose the problem and fix it please.

Thanks,

Rob
 

Answer:Internet explorer is not connecting to the internet after malware removal

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide
and attach the requested logs when you finish these instructions.
**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.

After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:

If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using a differe... Read more

1 more replies
Relevance 71.34%

This is the third post trying to fix this problem: First Post to Am I Infected Forum:http://www.bleepingcomputer.com/forums/t/601413/dchp-and-dns-issues-after-removing-trojan/#entry3907418Second Post to Networking Forum:http://www.bleepingcomputer.com/forums/t/602425/dns-issues-after-virus-removal/page-2#entry3932653 Which leads me to here.  Quick Summary of events.  Microsoft Security Essentials warns me that computer has been infected with Trojan:Win64/Patched.AZ.gen!dll virus. I managed to remove it (or so I thought) using a combination of Spybot, and Malware Bytes, and some manual replacement of files.  After the Trojan was removed I could not connect to the internet and the DNS and DCHP services would not start. I eventually repaired those two services from starting by using the Windows 7 Install disc and running the repair console, however that still didn't fit my internet issues.  The weird part is that the computer connects to the internet just fine. I can ping Google/yahoo successfully, but when I open a web browser (IE, Firefox, Chrome) I can not connect to any websites. The other day I was surprised to see that Adobe was able to download updates to Adobe Reader without any issues. Yes, I have restarted the computer/modem/router/Switch multiple times.  FRST Log As Follows:Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01Ran by editor (administrator) on EDITING (13-02... Read more

Answer:Internet Blocked after Attempted Malware Removal

Greetings Belwell and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.If you would allow me to call you by your first name I would prefer to do that.===================================================Ground Rules:First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems... Read more

55 more replies
Relevance 71.34%

Hi,
I got infected with some unknown spyware and decided to use AdwCleaner to remove it. Unfortunately, after removal and restart of my comp, all my browsers (chrome, firefox and ie) shows that I'm unable to connect to proxy server and i cannot get on the internet

Below are my stats and the Adw Reports

Thanks

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 8077 Mb
Graphics Card: NVIDIA GeForce GT 740M, -2048 Mb
Hard Drives: C: Total - 190423 MB, Free - 4238 MB; D: Total - 264346 MB, Free - 44283 MB; G: Total - 476799 MB, Free - 476786 MB; H: Total - 953861 MB, Free - 6912 MB; I: Total - 476927 MB, Free - 476171 MB;
Motherboard: ASUSTeK COMPUTER INC., K46CB
Antivirus: Windows Defender, Disabled
 

Answer:Internet not working after removal of malware using AdwCleaner

# AdwCleaner v4.208 - Logfile created 06/08/2015 at 18:22:38
# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Gladwin - GLADWIN
# Running from : C:\Users\ASUS\Downloads\Programs\adwcleaner_4.208.exe
# Option : Scan

***** [ Services ] *****
***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eakacpaijcpapndcfffdgphdiccmpknp
File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage
File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage-journal
File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_user.qzone.qq.com_0.localstorage
File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_user.qzone.qq.com_0.localstorage-journal
File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_v.qq.com_0.localstorage
... Read more

6 more replies
Relevance 71.34%

Hello! I'm not very tech savy, but I will try to explain my situation the best I can. Currently, my Internet is acting weird. It would randomly stop working with the notification "......cannot connect to server". Back then, this RARELY happens until recently. The internet would work again if i turn off the router and turn it back on. The router I use is the Netgear Wireless Router. I'm not sure if this happens because of malware.
December 14 ~ I used Symantec's Trojan.Powelik automatic removal from their site. (I had notifications saying Norton blocked attempts from Trojan.Powelik and Trojan.Adclicker. I have the Paid version of Norton Internet Security by the way) It said that the removal was successful. I also did a full scan using Norton and fixed things. The computer and the Internet was faster than before and everything seemed back to normal.
December 15 ~ I used Malwarebytes Anti-Rootkit and it removed 3 threats. I remembered one of them was Poweliks.B or something like that. This happened at 3 pm. Internet worked fine and then randomly stopped working around 11 pm. I turned off the router and turned it back on, then the Internet worked again.
December 16 ~ I used the free version of Malwarebytes Anti-Malware. It removed 3 malicious threats (Trojans) and a bunch of PUP's. Internet was good that whole day and night.
December 17 ~ Norton and Malwarebytes reported no threats. Internet was good but randomly stopped working around 10:45 pm. I turned off router and turned ... Read more

Answer:Internet acting weird after malware removal :(

Welcome to BC !
 
Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
 
Check for adware and malware using the programs below. Allow them to remove whatever they find.
 
download AdwCleaner by Xplode and save to your Desktop.
Double-click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
After reviewing the log, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Download Junkware Removal Tool to your desktop.
Shut down your protection software now to avoid pot... Read more

23 more replies
Relevance 71.34%

Hi,

I am new to the site but have been reading the posts which I have found useful but still cannot resolve my issue, hope you can help!?

Firstly please accept my apologies I have already run combofix, the program was passed to me by a collegue and I have used it successfully in the past. I was not aware I should only use it after being advised to.

I was running AVG premium with Windows XP media edition SP2 but my computer began to slow down. I noticed there were issues with playing Falsh video's so tried to istall the latest version of flash, in doing so all flash video's stopped working (even after uninstalling and trying an older version).

At this point i tried to run the latest combofix but got errors asking me to uninstall AVG. I could not get AVG to uninstall so I ran an older version of Combofix which I had used successfully in the past while AVG was installed. However, my machine didn't seem to be any better.

Eventually, I managed to uninstall AVG and ran the latest combofix. After it had finished I noticed the internet connection had been lost and on the main (Admin) user the display settings had changed - control panel had been changed from classic view and cannot be changed back. Also, if I try to run the command prompt from that user I get an error - "Windowns cannot access the sepcified device, path, ot file. You may not have the appropriate permissions to access this item". I also cannot change any user settings, has this been infe... Read more

Answer:Internet Connection Loss after Malware Removal

Hello,Please follow the instructions in ==>This Guide<== starting at step 6.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Since you have run ComboFix, please include the ComboFix log in the new topic. Please be sure to include a description of your computer issues and what you have done to try to resolve them.If you cannot produce any of the other logs, then please create the new topic anyway, include the information that you were unable to produce the other logs and why and include the ComboFix log along with a description of your computer issues.Orange Blossom

3 more replies
Relevance 71.34%

I recently cleaned out my computer of a few virus's and after that I noticed my internet had completely stopped working on Firefox. I've tried a couple of reset things and it hasn't worked at all. I don't use proxy's so of course I turned that off when I went to the control panel and internet options. I've ran FSS and got results, but can anybody help or show me what is exactly is wrong in the text?
 
Moderator Edit: Moved from the Malware Logs forum due to the absence of logs
Roger

Answer:My internet hasn't worked since malware removal.

Hello, 
 
Please start by describing the issues you've been experiencing prior to the Firefox problem. 
 
Post up FSS.txt as well. 
 
Are you experiencing the same issues using alternative browsers? 
 

8 more replies
Relevance 71.34%

I had several malware infection on my machine, and a HJT Senior classman helped me to remove them. Following disinfecting of the machine, my Internet Explorer (6) will not fire up. I found another IE application in a strange folder that I think the malware was using to access the internet. I have tried to uninstall the current IE, and then re=-install it, and I have tried to install IE7 and IE8 with no luck. Any guidance on how to get control of my IE would help.

Thx, Pat

Answer:Internet Explorer does not work after malware removal

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

1 more replies
Relevance 71.34%

Hi,
 
I have problem with internet connection after malware removal.
I will glade if u can help me.
Please check attach files with a scan of my computer.

Answer:problem with internet connection after malware removal

Hi there,please do the follwing:Step 1Please open an elevated command prompt (see these instructions how to do it).Type the following command into the prompt:netsh winsock resetand confirm with Enter.Then reboot the computer. The internet connection should work again now.Step 2Please download AdwCleaner (by Xplode) and save to your Desktop.Double click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select "Run As Administrator"Click on the Scan button.After the scan has finished, click on the Clean button.Press OK when asked to close all programs and follow the onscreen prompts.After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.Copy and paste the contents of that logfile in your next reply.Step 3Start FRST with administator privileges.Make sure the option Addition.txt (under Optional Scan) is checked.Press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

5 more replies
Relevance 71.34%

Hi all, let me first introduce myself. My name is Andrew.

Here is my current situation: The other day while on my computer, I started receiving messages I've never received before. I kept receiving popups on my desktop saying that threats had been detected and then proceeded to perform a fake system scan. The "dialog box" said something like 'PC AntiSpyware 2010'. I also had the little red circle with the white X in my system tray. Anytime you'd mouse over it, a warning balloon would pop up.

After doing a little research around these forums, I decided the best bet would be to download, update and run MalwareBytes' remover tool. I did a scan, checked all the objects that came up (all 44 of them! OUCH!) and had the program delete them. I then restarted my PC and voila! No sign of the malware at all. Awesome.

Except now my internet doesn't work. Both my wireless adapter tray icon (D-Link DWL-G122) and my wireless network icon are shown as being connected and having excellent signal strength. I even did a ping of google.com using the CMD prompt and it showed no errors in either direction! Weird. It doesn't appear to have anything to do with my network either, as every other computer connected to this network also connects to the internet with no problems at all.

So my question is wtf is going on here!? lol

I'm running out of ideas and would really like to get this resolved ASAP. Any help/advice at all will be greatly appreciated!

Thanks... Read more

Answer:Internet not working after malware removal. Please help, I'm desperate!

Mods, please close this thread as I am already receiving help elsewhere.

Thank you and I apologize for the inconvenience.

2 more replies
Relevance 71.34%

I have a Dell laptop running Windows 7 and Macafee security. Got infected with Thinkpoint malware. Followed all the instructions to download Malwarebytes to remove the virus. Seemed to work. A few days later, my internet explorer won't connect to my home's wireless router. My older laptop running XP connects just fine. Weird thing is, I can connect to my school e-mail account (Office Outlook web access) and my gradebook on our district's server, but nothing else connects (yahoo, google, ancestry, etc.)

Answer:Lost internet explorer after malware removal

Malware will sometimes change proxy settings that will prevent you from connecting to the internet. Have a look at that. You also may want to post in Am I Infected just to be sure that you are clean.

1 more replies
Relevance 71.34%

I recently removed the program PursuePoint from my computer with adwcleaner, now my computer wont let me access the internet, it keeps saying "limited access"
Any help would be great, thank you
also: I'm fairly sure I'm on a 32 bit system but I'm not positive
 

Answer:Malware Removal - limited internet access

Hello,
Please follow this topic and attach requested reports:

http://malwaretips.com/threads/preparation-guide-before-requesting-malware-removal-help.20334/
 

24 more replies
Relevance 71.34%

Windows 10 64-bit

At first I got my Google Chrome hijacked.
After using Malwarebytes to quarantine and remove all the PUPs, I am now unable to connect to the internet via browsers, however my computer itself is connected.
 

Answer:No internet access after malware removal with Malwarebytes

Vincent7up said:


Windows 10 64-bit

At first I got my Google Chrome hijacked.
After using Malwarebytes to quarantine and remove all the PUPs, I am now unable to connect to the internet via browsers, however my computer itself is connected.Click to expand...

MS Fixit should work, if not use the windows repair all-in-one. https://www.raymond.cc/blog/portable-and-offline-microsoft-fix-it-utility
 

0 more replies
Relevance 71.34%

There is my first time posting on a forum ..but my girlfriend chatched a small virus on her macbook(using win 8.1) and i thought i can solve the problem with malwarebyte ..i scanned and removed the problems after that i couldnt acces the internet . I unistalled the malwarebyte program thinking will work after ..but still nothing .
Please help . Thanks
 

Answer:No internet access after malware removal with Malwarebytes ! Help

Here is the scan --sorry
 

1 more replies
Relevance 71.34%

Hi,I need some help with my laptop.Hope computer hope can help me.  At first my laptop cannot run any applications. the file **** is infected. I tried to format my laptop but can't, it keep on shutting down when I try to boot from CD. Thus, I followed all the malware removal steps. then, everything is running back to normal. Just that I can't get connected to the internet. Can you help me, how to fix this? Herewith, I paste all the logs, in case if it is needed.SuperAntispyware log:SUPERAntiSpyware Scan Loghttp://www.superantispyware.comGenerated 08/16/2010 at 01:00 PMApplication Version : 4.41.1000Core Rules Database Version : 5360Trace Rules Database Version: 3172Scan type       : Complete ScanTotal Scan Time : 02:21:40Memory items scanned      : 578Memory threats detected   : 0Registry items scanned    : 8322Registry threats detected : 2File items scanned        : 131293File threats detected     : 22Trojan.Agent/Gen-Frauder   [jjlghcfp] C:\DOCUMENTS AND SETTINGS\IMAN\LOCAL SETTINGS\APPLICATION DATA\AFLGBTIDE\NCKLCBSSHDW.EXE   C:\DOCUMENTS AND SETTINGS\IMAN\LOCAL SETTINGS\APPLICATION DATA\AFLGBTIDE\NCKLCBSSHDW.EXE   [jjlghcfp] C:\DOCUMENTS AND SETTINGS\IMAN\LOCAL SETTINGS\APPLICATION DATA\AFLGBTIDE\NCKLCBSSHDW.EXEAdware.Tracking Cookie   C:\Documents and Settings\iman\Cookies\[email protected][1].txt &... Read more

Answer:done the malware removal steps, but can't get connected to the internet.

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs. 1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.2. The fixes are specific to your problem and should only be used for this issue on this machine.3. If you don't know or understand something, please don't hesitate to ask.4. Please DO NOT run any other tools or scans while I am helping you.5. It is important that you reply to this thread. Do not start a new topic.6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.7. Absence of symptoms does not mean that everything is clear.Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.Exit out of MessengerDisable then delete the two files that were put on the desktop.************************************Open HijackThis and select Do a system scan onlyPlace a check mark next to the following entries: (if there)R1 - HKCU\Software\Microsoft\Windows\Curren... Read more

8 more replies
Relevance 71.34%
Relevance 71.34%

Ok, i had a malware virus called "Antivirus Action". I followed the instructions on some site, got the godly "rkill" and then ran Malwarebytes, presumably murdering the virus. But now, it seems 80% of the programs that need internet can't use it (heck, for some it seems half of the program can, half of it can't) i', starting to think there might be a bit of virus still on my computer.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:57:46 PM, on 12/11/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files ... Read more

Answer:Firefox is the only think that can connect to internet after malware removal.

7 more replies
Relevance 71.34%

This all started when I was downloading piano music for my daughter. I thought it was strange that it was an .EXE file. I could not find the music anywhere else. When I clicked on it, it disappeared. I knew I was in deep dodo. I was here on May 25 "doing it myself" removing malware on an xp machine and ran into a problem. I made it to run SAS and I lost my internet connection. I talked to SAS support for a few days but we were unable to connect to the internet. We ran a lot of software but nothing helped. When it finally came down to "You need to reformat C:\ in order to get an internet conncetion," SAS support had helped me all they could. I posted on another site 4 days ago. No bumping allowed so I am now on page 10 with no replys. Not even any replys after I went to the waiting room yesterday!
I have a dell 5100 desktop connected to a Belkin router with cable (used 2 different cables and 2 different nics ... also tried wireless adapter w/ no luck). Two other desktops and a notebook connect to the internet with wireless adapters. So far I have run
TFC
CCleaner
mgtools
erdnt
gmer
rootrepeal
combofix
dds.scr
erunt_setup
HijackThis
MBam
MGtools
OTL
winsockxpfix
PCTools on line scanner
SUPERAntiSpyware (lifetime version)
I have probably run a few more that I don't remember or can't find.
Oh yea, I ran Microsoft Security Essentials and removed Trojan:Jave/Selace.L, Trojan:Jave/Selace.K, Exploit:Java/CVE-2008-5353.c and 300 plus ... Read more

Answer:Malware removal stopped internet access on 5/25/10

Please attach the following logs>
SAS
MBAM
RootRepeal
ComboFix
C:\MGLogs.zip
 

10 more replies
Relevance 71.34%

I worked through the malware removal process. At some point after initiating the Combofix utility, I lost my internet connection. I restored to an earlier point and regained the connection. I started the removal process from the beginning and after the MGtools step, I noticed I had once again lost internet connection. I tried manually adding the IP address and a DNS address, but this did not work. All other machines on this home router are working ok.

I have attached my logs for analysis. I'm a little concerened about the huge (2GB) hyperfil.sys file in my C: drive root folder.:confused
 

Answer:Lost internet connection during malware removal

Welcome to Major Geeks!

Why is this PC being used with no protection software installed?





M@jorcheeky said:





I worked through the malware removal process. At some point after initiating the Combofix utility, I lost my internet connection. I restored to an earlier point and regained the connection. I started the removal process from the beginning and after the MGtools step, I noticed I had once again lost internet connection. I tried manually adding the IP address and a DNS address, but this did not work.Click to expand...

Did you run any scans more than once? We do specifiy to only run scans once and attach the logs. Based on your logs you did start having some issues and ran scans on July 8.






M@jorcheeky said:





I'm a little concerened about the huge (2GB) hyperfil.sys file in my C: drive root folder.:confusedClick to expand...

It is part of Windows and normal.

You need to attach the below logs from SUPERAntiSpyware and Malwarebytes that were requested. You will have to attach all of them since you ran scans multiple times.
Code:

"C:\Documents and Settings\James\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs\"
Jul 8 2010 4209 "SUPERAntiSpyware Scan Log - 07-08-2010 - 06-07-27.log"
Jul 18 2010 3728 "SUPERAntiSpyware Scan Log - 07-18-2010 - 10-42-05.log"
Jul 18 2010 465 "SUPERAntiSpyware Scan Log - 07-18-2010 - 11-... Read more

1 more replies
Relevance 71.34%

Hello,
I am running Windows XP on a laptop, and I recently ran into some spyware/adware called MicroAV that installed itself onto my comp. and flooded me with false security messages. To get rid of it, I downloaded windows live onecare and ran a scan. It found some viruses and deleted them, and for a few hours everything was fine. Then, internet explorer couldn't connect to the internet. Firefox still worked though, so I ignored it and used Firefox. After waking up the next morning, however, I couldn't connect at all. I am connected to my wireless network and I can log into my router to change settings but the internet wont work. I tried three browsers and Itunes music store and none will work, however Limewire will connect. I can't ping any sites or do anything other than Frostwire though. Its not a problem with my router as my Ubuntu OS on the same comp works fine on the same network.

PS: I also uninstalled OneCare so its not the firewall or antivirus.
 

Answer:Internet Doesn't work after malware removal

I got that issue on one computer and fixed it with this....
 

3 more replies
Relevance 71.34%

Hello and Thank you in advance,I am working on a friends computer. A custom build: Elitegroup Motherboard 945GZT-M Windows XP Home Version 2002 SP3 32bit. Network Adapter: RealTek RTL8139/810x Family Fast Ethernet NICMy Modem/Router: Actiontec PK5000 (I do not know what he uses.)Connection Wired DSLMiniToolBox: Result at end of document (Wow, It found a lot more errors than I did.)The complaint was running too slow. Last year I had installed anti-virus and anti-malware programs as it had none. During the past year he had not updated or ran any of these tools. I didn't want to go through the hassle of connecting him to my network so I downloaded tools and transferred them via flash drive. Avast found about 319 infections, Malwarebytes found about 7 infections, SuperAntiSpyware found about a couple of hundred infections, mostly tracking cookies. System restore had been disabled. (I have scan logs.) I was able to run these in safe mode. I sent it home with him and instructed him to update all the software and definitions and run them again. He couldn't get it to connect to the internet. I got it back and I couldn't get it to connect either. Now I can not get to the selective start up screen. F8 does not get me there. Shutting down with the power button will not bring up on start up.The Network Connections Status\Support Tab\Details: Show no information. IPCONFIG /All showed no information. IPS (Qwest) could see the computer but couldn't ping. Device man... Read more

Answer:Cannot connect to internet after virus/malware removal

You will need a malware expert first to clean thoroughly the infection from your computer. A BC Advisor or Moderator will move your topic. Please be patient.

3 more replies
Relevance 71.34%

Hi,

Background: My computer (64-bit Windows 7 O/S) was recently attacked by the FBI Moneypak virus. I followed the instructions found on this guide (http://www.selectrealsecurity.com/malware-removal-guide) to remove the Malware. FYI - Malwarebytes did not detect the virus. But, HitmanPro detected and removed it. An evidence of its removal: the malware had blocked access to McAfee's website and wouldn't allow McAfee Total Protection to update itself; after running Hitman Pro, I'm able to access McAfee's website and update McAfee Total Protection. But I'm having problems with browsing the internet.

Problem: My internet browsers don't seem to work. I followed the instructions found at http://www.selectrealsecurity.com/fix-internet-connection, but of no avail. I have Internet Explorer and Firefox, and they both have this problem (FYI - Firefox had problems with freezing up even before the virus attack; it seemed related to a recent Adobe Flash Player update). When I open the browser, the home page loads on fine, but when I try to go to some other website, it takes forever to load; and when it loads, the window freezes right away and it takes several minutes before the window becomes alive again, and then it freezes... I can't close the browser window; I have to end the process using the Task Manager (BTW - I see two instances of Internet Explorer in the Task Manager when I have only one window (and one tab) open with Internet Explorer.

Could ... Read more

Answer:Problem with Internet Browsing After Malware Removal

The following are the logs from running HijackThis and DDS for the case mentioned in my previous post:

FYI: When I ran HijackThis, I got the following error message that popped up: "For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may not be able to fix this." This was followed by a guideline for how to fix it manually.

HijackThis Log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:46 AM, on 2/2/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\wbmoses\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.313\SSScheduler.exe
C:\Users\wbmoses\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat_sl.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
I:\A_Mal_SW\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Exp... Read more

3 more replies
Relevance 71.34%

Hello and Thank you in advance,
I am working on a friends computer. A custom build:
Elitegroup Motherboard 945GZT-M
Windows XP Home Version 2002 SP3 32bit.
Network Adapter RealTek RTL8139/810x Family Fast Ethernet NIC
The complaint was running too slow. Last year I had installed anti-virus and anti-malware programs as it had none. During the past year he had not updated or ran any of these tools. I didn't want to go through the hassle of connecting him to my network so I downloaded tools and transferred them via flash drive. Avast found about 319 infections, Malwarebytes found about 7 infections, SuperAntiSpyware found about a couple of hundred infections, mostly tracking cookies. System restore had been disabled. (I have scan logs.) I was able to run these in safe mode.
I sent it home with him and instructed him to update all the software and definitions and run them again.
He couldn't get it to connect to the internet. I got it back and I couldn't get it to connect either. Now I can not get to the selective start up screen. F8 does not get me there. Shutting down with the power button will not bring up on start up.
The Network Connections Status\Support Tab\Details: Show no information.
IPCONFIG /All showed no information.
IPS (Qwest) could see the computer but couldn't ping.
Device manager said everything was working properly except under hidden devices.
The keyboard, Zune Bus Enumerator Driver, and Parport. Either not present or no... Read more

Answer:Can not connect to internet after virus/malware removal

16 more replies
Relevance 71.34%

I have also attached the detections that Malwarebytes made and essentially everything I've removed with it.

Thank you for any help in this matter.

Edit1: Removed extra copies of the FRST and Addition files
 

Answer:No internet access after malware removal with Malwarebytes

Hi,

Before we begin, I want you to have this in mind:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like ever... Read more

8 more replies