You may have killed the malware processes but they came back after rebooting.
Most Internet connectivity problems arise out of corrupt Winsock settings due to the installation of a networking software or Malware infestation. Check with your ISP provider first and if they insist that your connection is coming through, the problem must be at your end.
If your using Windows XP SP2, log on as an administrator.
Go to Start > Run and type: cmd
Press OK or Hit Enter. A dos Window will appear.
At the command prompt, type or copy/paste: netsh winsock reset
When the program is finished, you will receive the message: "Successfully reset the Winsock Catalog. You must restart the machine in order to complete the reset
Close the command box and reboot your computer.
Go to Start > Run > type: cmd
Press OK or Hit Enter.
At the command prompt, type or copy/paste: ipconfig /flushdns
Close the command box. Configure TCP/IP to use DNS
. Go to Start > Control Panel, and choose Network Connections
Right click on your default connection, usually Local Area Connection or Dial-up Connection if you are using Dial-up, and and choose Properties.
Double-click on the Internet Protocol (TCP/IP) item.
Select the radio button that says "Obtain DNS servers automatically
Click OK twice to get out of the properties screen and restart your computer.CAUTION
: It is possible that your Internet Service Provider requires specific settings here. Make sure you know if you need specific DNS settings here or not before you make these changes or you may lose your internet connection. If you are sure you do not need a specific DNS address, you may proceed.
If you cannot get your Internet working, you are going to need access to another computer (family member, friend, etc) with an Internet connection. Then download the program I recommend and save to a USB stick or CD. Then you can transfer directly to the infected computer where you can use it. If you cannot copy files to your USB drive, make sure its not "Write Protected". Some flash drives have a switch on the side which could have accidentally been moved to write protect.
Download and save:FileASSASSIN.zip (this tool is compatible with Win 2000/NT/XP/Vista only)
. In addition to removing infected files, it will remove certain restrictions on your system often disabled by malware.
After transfer to your machine, do this:
- Extract (unzip) MsnCleaner.zip to your desktop. (click here if your not sure how to do this) but DO NOT use it yet.
- Reboot your computer in "Safe Mode" using the F8. To do this restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A boot menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".
- Double-click MsnCleaner.exe to run the tool.
- Click the "Analyze" button.
- A report will be created after the scan and will be saved to C:\MsnCleaner.txt.
- If it finds an infection, click the "Deleted" button.
- Reboot normally and post the contents of MsnCleaner.txt in your next reply.
Now continue as follows for any malware files that remain:
Note: If you cannot find the file(s), you may have to Reconfigure Windows XP to show hidden files, folders.
- Create a new folder on your C:\ drive called FileASSASSIN and extract (unzip) the file to that folder. (Click here for information on how to do this if not sure. Win 9x/2000 users click here.)
- Open the folder and double-click on FileASSASSIN.exe.
- Select the bad file to delete by dragging it onto the text area or select it using the (...) browse button.
- Select a removal method. Start with the default "Attempt FileASSASSIN's method of file removal"
- Click delete and the removal process will begin.
- If that did not work, start the program again, select the file(s) the same way as before and this time check "Use delete on reboot function from windows."