Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need Help with Virus


  • Please log in to reply

#1
TechyMom5

TechyMom5

    Member

  • Member
  • PipPip
  • 67 posts
Hi All!

I am writing to you all for a very good friend of mine who seems to have a virus on her home computer. Because I have had very EXCELLENT help from this forum I figured I'd just come to you and see if there was anything that can be done for her. Unfortunately she only has 1 computer and I don't live local to her either where she would be able to use my computer to maybe get her some help and started on fixing the matter.

Here's the thing she stated that she went to get onto her computer and something popped up as though it was downloading and then she started seeing some trojan messages and it just kept on going she then cut her computer off as she did not want it to continue to download whatever it was. She cannot get onto the internet at all she even tried going on through aol but can't. At some point she attempted to get onto aol through safe mode and was able to; I spoke to her on Monday, June 28 and once she told me that she was able to get onto the aol through safe mode I told her to try and get onto this site for help but later that day there was a storm that knocked the power and her cable out so she wasn't able to do so. Long story short she attempted to do as I told her but now she can't get onto any internet IE or aol on regular or safe mode. She owns a Dell 8250 runs Windows XP home edition.

The other thing she stated to me is that she is getting some message about not having any internet connection; she called her ISP and they ran some test and she has service but this is what the computer is telling her and she also stated somthing about "the main DNS" message. Overall, she doesn't know what to do I told her I would post the message here in hopes that someone can give me some instructions to pass along to her and maybe get some help started enough for her to get onto this site so that she can get further instructions herself on what to do and not have to use me as a middle person.

I hope that I have made sense and that someone can give me some advice to pass along to her to get her started on some help. Thanks in advance for your time and patience.


Thanks!
TechyMom5

Edited by TechyMom5, 30 June 2010 - 05:19 AM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,137 posts
  • MVP
What usually happens is the malware sets up a proxy on your computer. Then it forces IE or Firefox to send all traffic going to the internet to the proxy. Since it's a malware proxy it picks and chooses what goes to the internet and keeps you from going to certain anti-malware sites and perhaps sends copies of interesting traffic like passwords and credit cards to another address for harvesting. MBAM or your anti-malware software knows the proxy software is malware so removes it but doesn't realize that it's also a proxy so doesn't change the proxy settings on IE and FF. So now IE or Firefox still sends traffic to the proxy but there is no proxy so it doesn't go anywhere and you have lost connectivity to the internet.

To fix it:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, Tools, Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK.


Any better? If so follow the guidelines in the top post of the Malware Removal forum
http://www.geekstogo...uide-t2852.html
and post your logs. If not let me know and we will try a few other things.
  • 0

#3
TechyMom5

TechyMom5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Hi RKinner,

Thanks for your reply I have passed this message along to my friend and she stated that her ISP told her to do the very same thing with IE and it did not work for her. If there is anything else you can suggest please advise.
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,137 posts
  • MVP
Start, All Programs, Accessories, Command Prompt. This will bring up a black Command window. Type each line in the code box followed by an Enter. (I use 2 spaces so you can easily see where one space goes)

services.msc

(This will bring up the Services Menus.  Find DHCP Client and right click and select Properties.  Ensure the Startup Type: is set to Automatic.  Apply and if the Service Status is not Started, Start the service.  Do you get an error message?  Repeat for DNS Client.  Close Services window and return to Command Window.) 

sfc  /scannow

(This will scan the critical system files to make sure they have not been replaced.  If it asks for a CD and she doesn't have it then just hit SKIP.  Probably take about 10 to 15 minutes to finish.)

sigverif

(Press Start.  This will check you drivers for unsigned files.  Check the list that it shows you when it finishes.  Are there any with newish dates?  What are they? Close the sigverif window and return to the Command window)

netsh  winsock  reset  catalog

netsh  int  ip  reset  reset.log

exit

Restart and see if it works now.

Ron
  • 0

#5
TechyMom5

TechyMom5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Hi Ron,

My friend called me and stated that she was able to get back onto the internet and installed Malwarebyes, and mircorsoft essentials. The computer seems to be running ok according to her and not sure what happened. Anyhow, I mentioned to her to make sure she comes here and registers and ask for any help in the near future. I thank you very much for your time and patience. I guess you can consider this thread a closed one. Thanks again!

TechyMom5

Edited by TechyMom5, 01 July 2010 - 03:06 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP