[Valerie1959]

Hello,
I had a virus weeks ago on my laptop and used Antivir (Free)after it was cleared. Unfortunately, a Stealth intrusion with viruses, trojans and privacy issues has now popped up. My son uses this laptop and I think he downloaded music of somekind. Anyway, IE opens but it will not allow me to go anywhere. (I am currently using my PC to get on the internet. I would appreciate any help you can give at this point. I am afraid my private info is being used or viewed. Thank you.

[Advertisements]

What usually happens is the malware sets up a proxy on your computer. Then it forces IE or Firefox to send all traffic going to the internet to the proxy. Since it's a malware proxy it picks and chooses what goes to the internet and keeps you from going to certain anti-malware sites and perhaps sends copies of interesting traffic like passwords and credit cards to another address for harvesting. MBAM or your anti-malware software knows the proxy software is malware so removes it but doesn't realize that it's also a proxy so doesn't change the proxy settings on IE and FF. So now IE or Firefox still sends traffic to the proxy but there is no proxy so it doesn't go anywhere and you have lost connectivity to the internet.


To fix it:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, Tools, Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK.


Any better? If so follow the guidelines in the top post of the Malware Removal forum
http://www.geekstogo...uide-t2852.html
and post your logs. If not let me know and we will try a few other things.

Ron

[RKinner]

What usually happens is the malware sets up a proxy on your computer. Then it forces IE or Firefox to send all traffic going to the internet to the proxy. Since it's a malware proxy it picks and chooses what goes to the internet and keeps you from going to certain anti-malware sites and perhaps sends copies of interesting traffic like passwords and credit cards to another address for harvesting. MBAM or your anti-malware software knows the proxy software is malware so removes it but doesn't realize that it's also a proxy so doesn't change the proxy settings on IE and FF. So now IE or Firefox still sends traffic to the proxy but there is no proxy so it doesn't go anywhere and you have lost connectivity to the internet.


To fix it:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, Tools, Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK.


Any better? If so follow the guidelines in the top post of the Malware Removal forum
http://www.geekstogo...uide-t2852.html
and post your logs. If not let me know and we will try a few other things.

Ron

[Valerie1959]

Thanks Ron for the explanation! I did try what you said... but it did not work. I would like to try another way please. ~Valerie

[RKinner]

In IE, Files, uncheck Work Offline. Restart IE and test. If still no good:

Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box:

ipconfig /flushdns

netsh  winsock  reset catalog

netsh  int ip reset reset.log

net start 

(I use two spaces in the code box so you will be sure to see where 1 space goes.)

Reboot and test. If it still doesn't work:


1. Click "Start," click "Control Panel," click "Network and Internet Connections," and then click "Network Connections."
2. Right-click the network connection that you want to configure (the one you use to connect to the Internet), and then click Properties.
3. On the General tab (for a local area connection), or the Networking tab (for all other connections), click "Internet Protocol (TCP/IP)", and then click "Properties."

4. Click "Use the following DNS server addresses," and then type 199.166.28.10 in the Preferred DNS server and 4.2.2.1 in the Alternate DNS server boxes.

5. Click "OK"

Reboot and test. If it still doesn't work:

(Start) Right click on My Computer, select Manage then Device Manager. Find the Network Adapters and click on the + in front to open up the sub entries. Right click on each sun-entry under Network Adapters and Uninstall. (Doesn't hurt to write down the names in case you need to download the drivers from the PC Maker's website. Normally you don't but with malware you never know.) Reboot and test. If it still doesn't work:

Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box:

ipconfig  /all
ipconfig  /release
ipconfig  /renew
ipconfig  /all

Report any errors you get and the IP addresses of the last ipconfig /all

[Valerie1959]

I now can get on the internet. What should I do next?

Edited by Valerie1959, 01 April 2011 - 07:48 PM.

[RKinner]

Media disconnected would imply that the cable is bad or not plugged up. Could also mean the network adapter or the router has failed.

[Valerie1959]

I am not sure what that may mean. Could you advise me what to do next please?

[RKinner]

How does your PC connect to the internet? Is there a cable connecting it to a router or modem? Or does it connect wirelessly?

If there is a cable, make sure it is plugged in on both ends and to the right jacks. If that doesn't help then replace the cable. Reset the router or modem.

If it's wireless try connecting it with a cable to the router or modem.

Ron

[Valerie1959]

My laptop is wireless but the CD/DVD does not work. I am not sure about that. I will hook it up to the modem.. but it looks ok cause I can now get on the internet where I could not before. Thanks!

[RKinner]

Run OTL per

http://www.geekstogo...uide-t2852.html

You can copy and paste both logs here if you like.

Ron