Jump to content

Active Anti-Virus Virus?!


wyantm06

Recommended Posts

Okay I was just hounded with the software virus - spyware active antivirus..I got rid of all traces of it but now I cannot seem to connect online with that laptop...In bottom corner regardless connected wired or wireless it says connected active internet connection....but I open firefox or internet explorer it jus says server not found or something about a proxy, if anyone knows how I can get my internet back onto this thing I would appreciate it..Btw Toshiba a505

Link to comment
Share on other sites

Print these instructions out.

NOTE. If any of the programs listed below refuse to run, try renaming executive file to something else; for instance, rename hijackthis.exe to scanner.exe

***VERY IMPORTANT! Make sure, you update Malwarebytes before running the scans.***

STEP 1. Download Malwarebytes' Anti-Malware: Malwarebytes.org to your desktop.

(Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

* Double-click mbam-setup.exe and follow the prompts to install the program.

* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick Scan, then click Scan.

* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad.

* Post the log back here.

The log can also be found here:

C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

RESTART COMPUTER!

STEP 2. Download GMER: GMER - Rootkit Detector and Remover, by clicking on Download EXE button.

Alternative downloads:

- |MG| GMER 1.0.15.15281 Download

- http://www.softpedia.com/get/Interne...ers/GMER.shtml

Double click on downloaded .exe file, select Rootkit tab and click the Scan button.

When scan is completed, click Save button, and save the results as gmer.log

Warning ! Please, do not select the "Show all" checkbox during the scan.

Post the log to your next reply.

RESTART COMPUTER

STEP 3. Download HijackThis:

HijackThis - Trend Micro USA

by clicking on Installer under Version 2.0.2

[DO NOT download version 2.0.3 (beta)]

Install, and run it.

Post HijackThis log.

NOTE. If you're using Vista, or 7, right click on HijackThis, and click Run as Administrator

Do NOT attempt to "fix" anything!

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

Link to comment
Share on other sites

Well buddy since you cant access the net with it , and you know you had a nasty , chances are your bet bet is a OS re install.

My best guess is the virus you had ( still have actually ) is conficker. It generally comes from one place anymore.

Every now and again it makes a comeback , because it's used by botnets , they are able to " own " your machine and access it remotely to use at there will , generally for advertisements. Chances are you were being redirected to pages you didnt want to go to before this actually started getting notices, unless your AV picked up on it right away.

Link to comment
Share on other sites

Well buddy since you cant access the net with it , and you know you had a nasty , chances are your bet bet is a OS re install.

My best guess is the virus you had ( still have actually ) is conficker. It generally comes from one place anymore.

Every now and again it makes a comeback , because it's used by botnets , they are able to " own " your machine and access it remotely to use at there will , generally for advertisements. Chances are you were being redirected to pages you didnt want to go to before this actually started getting notices, unless your AV picked up on it right away.

I might have made that confusing....Um Okay i did all that and removed it all..It's clean n back to good n go! but while doing it all it removed my internet connection. My wireless says connected internet access but wont load pages on any browser n when plugged in ethernet it says internet access as well but does same thing...I need to figure out why doing all that killed my net connection, but says I am connected n running fine...This is like the 3rd time installing Windows 7 n I only had it 7-8 months...Bahhh

Link to comment
Share on other sites

I might have made that confusing....Um Okay i did all that and removed it all..It's clean n back to good n go! but while doing it all it removed my internet connection. My wireless says connected internet access but wont load pages on any browser n when plugged in ethernet it says internet access as well but does same thing...I need to figure out why doing all that killed my net connection, but says I am connected n running fine...This is like the 3rd time installing Windows 7 n I only had it 7-8 months...Bahhh

Oh n i can't remember the exact but I got one of the best Trend Micro AV n it didnt catch it I guess...it started with pop ups not wanting to close..I then ran all the steps to retrace n clean..bahh I guess reinstall...BLAH sorry for the bother

Link to comment
Share on other sites

I'm just telling you what I think buddy , thats what these particular worms do, chances of you getting it back without re installing is slim to none. They make a connection somehow so that when it's removed , then so is your connection , and I know exactly what your talking about , your connected , but you cannot access the internet.

You might spend days or weeks figuring it out when you'll likely not. Seen a lot of them just like this.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...