Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Urgent ! System32 Attacking Virus?

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 3 posts
Hi, I'm using my phone as my computer has lost all internet connection functionalities. Please bare with me as I'm typing on my phone.

It all started with the Google Redirect Virus, which kept annoying me with a myriad of ads and redirects. Immediately following that instance, I downloaded Hitman Pro to erradicate the virus. It finds three threats and alerts me, two of which are in the system32 folder... I reluctantly delete it. It tells me to restart so I did.

-- it only gets worse. Upon restart, I could not access the Internet in anyway, shape or form. I've messed with the router, the settings, but nothing works. It usually stalls on " waiting for network" or something like that when it's not saying "not connected". On the rare case that it IS connected, received packets stagnate at 2, unable to access anything.

I work primarily off the Internet so hasty reply would be greatly appreciated ... Thank you.
  • 0




    Malware Expert

  • Expert
  • 23,722 posts
  • MVP
What usually happens is the malware sets up a proxy on your computer. Then it forces IE or Firefox to send all traffic going to the internet to the proxy. Since it's a malware proxy it picks and chooses what goes to the internet and keeps you from going to certain anti-malware sites and perhaps sends copies of interesting traffic like passwords and credit cards to another address for harvesting. MBAM or your anti-malware software knows the proxy software is malware so removes it but doesn't realize that it's also a proxy so doesn't change the proxy settings on IE and FF. So now IE or Firefox still sends traffic to the proxy but there is no proxy so it doesn't go anywhere and you have lost connectivity to the internet.

To fix it:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, Tools, Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK.

Any better? If so follow the guidelines in the top post of the Malware Removal forum
and post your logs. If not

Start, (All) Programs, Accessories , Command Prompt. Type with an Enter after each line in the code box.

sfc  /scannow

(It will scan your critical system and attempt to fix any that are wrong.  If it asks for a CD and you don't have it or it doesn't like yours just say SKIP)

netsh  winsock  reset  catalog

netsh  int  ip  reset  reset.log
(I use two spaces in the code box to show you where one space goes)

IF it still doesn't work then open a command prompt again and type:

ipconfig /all

What IP address do you get? What DNS server? Does it give you an error message?

  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP