[Puppyaddict]

Forgive short typing. On iPhone.

Got "security alert" and mistakenly clicked on one of them. Got fake security software offer I believe. Didn't download.

Apparently already infected tho. Now can't get on Internet to update superspyware or download your fixes.

Running in safe mode w. networking.

Tried other fix with winsock, reset log commands. No help.

Now get msg on IE8 either:
ADDRESS NOT VALID
or
Internet explorer cannot display...
Appears you are connected, but might want to try to reconnect.

Hard line and wireless both won't work. Word works but excel and many others get error msg that ______.exe is infected.

Please help! I have grad work due tomorrow, arrgh!

[Advertisements]

What usually happens is the malware sets up a proxy on your computer. Then it forces IE or Firefox to send all traffic going to the internet to the proxy. Since it's a malware proxy it picks and chooses what goes to the internet and keeps you from going to certain anti-malware sites and perhaps sends copies of interesting traffic like passwords and credit cards to another address for harvesting.

To fix it:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, Tools, Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK.

Another common malware practice is to hijack your DNS or your hosts file. Normally when you type in the URL your PC has to request the IP address from the DNS server. If the DNS server belongs to the malware people then it can send you to fake sites and block your access to antimalware sites.

1. Click "Start," click "Control Panel," click "Network and Internet Connections," and then click "Network Connections."
2. Right-click the network connection that you want to configure (the one you use to connect to the Internet), and then click Properties.
3. On the General tab (for a local area connection), or the Networking tab (for all other connections), click "Internet Protocol (TCP/IP)", and then click "Properties."

4. Click "Use the following DNS server addresses," and then type 4.2.2.1 in the Preferred DNS server.

5. Click "OK"

Reboot.

Before going to the DNS server the PC looks in the hosts file
C:\windows\system32\drivers\etc\hosts
If it finds a match then it doesn't have to go to the DNS server which saves it some time. This file can be opened in notepad tho you may need to enable viewing of hidden and system files. The first non comment line (comments have a # in front) should be 127.0.0.1 localhost. All lines below that can be deleted and the file Saved.

Reboot.

Any better? If so follow the guidelines in the top post of the Malware Removal forum
http://www.geekstogo...uide-t2852.html
and post your logs. If not let me know and we will try a few other things.



Ron

[RKinner]

What usually happens is the malware sets up a proxy on your computer. Then it forces IE or Firefox to send all traffic going to the internet to the proxy. Since it's a malware proxy it picks and chooses what goes to the internet and keeps you from going to certain anti-malware sites and perhaps sends copies of interesting traffic like passwords and credit cards to another address for harvesting.

To fix it:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, Tools, Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK.

Another common malware practice is to hijack your DNS or your hosts file. Normally when you type in the URL your PC has to request the IP address from the DNS server. If the DNS server belongs to the malware people then it can send you to fake sites and block your access to antimalware sites.

1. Click "Start," click "Control Panel," click "Network and Internet Connections," and then click "Network Connections."
2. Right-click the network connection that you want to configure (the one you use to connect to the Internet), and then click Properties.
3. On the General tab (for a local area connection), or the Networking tab (for all other connections), click "Internet Protocol (TCP/IP)", and then click "Properties."

4. Click "Use the following DNS server addresses," and then type 4.2.2.1 in the Preferred DNS server.

5. Click "OK"

Reboot.

Before going to the DNS server the PC looks in the hosts file
C:\windows\system32\drivers\etc\hosts
If it finds a match then it doesn't have to go to the DNS server which saves it some time. This file can be opened in notepad tho you may need to enable viewing of hidden and system files. The first non comment line (comments have a # in front) should be 127.0.0.1 localhost. All lines below that can be deleted and the file Saved.

Reboot.

Any better? If so follow the guidelines in the top post of the Malware Removal forum
http://www.geekstogo...uide-t2852.html
and post your logs. If not let me know and we will try a few other things.



Ron