Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected but can't get to the internet


  • Please log in to reply
14 replies to this topic

#1 maggieo

maggieo

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 18 January 2010 - 09:26 PM

My sister's computer got the 2010 antivirus "malware" today, but it can't get to the internet to download any of the "fix" programs. It had Malwarebytes on it and we ran it and it (and AVG) cleared up the errors, but it still can't get to the internet. It's not getting any error messages, although it said "access denied" or something to task manager. We ran SDFix, copied from a flash drive, but combo fix and spybot need to get to the internet in order to even install. Probably if Malwarebytes could "update" it might solve the problem, but it just doesn't see the internet. I am not at the computer - I usually take care of it remotely. Any ideas of a setting or something that would be blocking the internet, since it's no longer showing up errors? Are there places to download like a full version of combo fix, or maybe an updated "full" version of malwarebytes or something? I did see a reference to Vipre Rescue and that's running now.. It was transferred by a friend with his laptop there, but he has now had to leave. This is a desktop computer, hard wired to a router, running XP SP3. IT's running AVG 8.5 and spyware terminator. Thanks, in advance, for all of your help. - Maggie

BC AdBot (Login to Remove)

 


#2 maggieo

maggieo
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 19 January 2010 - 08:33 AM

Hi there - I'm thinking now that the "virus/malware" is gone but it messed up something needed for the internet connection. again I am not at this computer, but I had my sister check IE for connection settings, and they were okay.. then I had her go to control panel and then network connections and basically she said the screen was blank.. Oh - I just figured out why.. she was in Safe Mode (the Vipre thing was still running).. so maybe that's why no network connections showed up.. but.. if any of you have any ideas as to what the "malware" could have done to mess up the network connection, they would be much appreciated.. Maybe it's just disabled and when they boot normally we can enable.. but the pop ups and all that are gone - just no network connection.
Thanks again - Maggie

#3 golfdude

golfdude

  • Members
  • 219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ft Wayne, Indiana
  • Local time:10:44 PM

Posted 19 January 2010 - 08:47 AM

I had the same issue-

Download and run Winsock XP Fix 1.2

Available download at Major Geeks

Thanks,
Golfdude

America is all about speed. Hot, nasty, badass speed. -Eleanor Roosevelt, 1936
Intel i7-3820, 32 GB DDR3-1600, Intel 330 SSD Boot Drive, WD 3TB Data Drive, Radeon HD7770 GHz Edition, Windows 10 Professional 64 Bit
 


#4 golfdude

golfdude

  • Members
  • 219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ft Wayne, Indiana
  • Local time:10:44 PM

Posted 19 January 2010 - 08:59 AM

P.S.- the current version of AVG is 9.0

you might want to update the software.

Thanks,
Golfdude

America is all about speed. Hot, nasty, badass speed. -Eleanor Roosevelt, 1936
Intel i7-3820, 32 GB DDR3-1600, Intel 330 SSD Boot Drive, WD 3TB Data Drive, Radeon HD7770 GHz Edition, Windows 10 Professional 64 Bit
 


#5 maggieo

maggieo
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 19 January 2010 - 11:30 AM

Thanks.. I know she's behind on her AVG.. meantime, I'll try to have her get the winsock fix.. that makes sense.. I wish I had told her to bring her flash drive to work! Maybe she can borrow one.. Thanks a million.. I'll be watching for other ideas.. meantime, we can't try this until she gets it on a flash drive and gets home. I hope she can borrow one..
Thanks again - Maggie

#6 maggieo

maggieo
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 20 January 2010 - 09:31 PM

Golfdude, you saved the day! They couldn't download the winsock fix or manage to get it anywhere yet, but I had them run netsh winsock reset at the command prompt and it fixed it!! YEY!!!! I did have them run this first - not sure if it mattered, but I still had to do the aforementioned step.. here's what I tried first - netsh int ip reset c:\resetlog.txt - The instructiuons had them run that from the "run" window so we couldn't see if there was a response.. after the reboot, still no network, so I had him run "netsh winsock reset" at the command prompt and then restart and everything's working again!

Thank you ALL! I have ordered them some Symantec Internet Security software and hope it helps a little better than the free stuff.. If anyone has suggestions of anything to add to that, feel free to let me know.. A friend of mine likes Spyware Blaster. This computer had Spyware Terminator, as well as AVG, and it still got infected.. It's possible the spyware terminator kept the "malware" from hijacking IE though..

#7 golfdude

golfdude

  • Members
  • 219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ft Wayne, Indiana
  • Local time:10:44 PM

Posted 21 January 2010 - 07:48 AM

Maggieo,

I am glad all is well with the computer. There are many things you can do to minimize your chances of getting malware on your computer.

Quietman7 wrote the following excellent tips on how to keep your computer clean:

Tips to protect yourself against malware and reduce the potential for re-infection:.

Avoid gaming sites, porn sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs (i.e. Limewire, eMule, uTorrent). They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Malicious worms, backdoor Trojans IRCBots, and rootkits spread across P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Porn sites can lead to the Trojan.Mebroot MBR rootkit and other dangerous malware. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

Beware of Rogue Security software as they are one of the most common sources of malware infection. They infect machines by using social engineering and scams to trick a user into spending money to buy a an application which claims to remove malware. For more specific information on how these types of rogue programs and infections install themselves, read: Keeping Autorun enabled on USB (pen, thumb, jump) and other removable drives has become a significant security risk as they are one of the most common infection vectors for malware which can transfer the infection to your computer. To learn more about this risk, please read: Many security experts recommend you disable Autorun asap as a method of prevention. Microsoft recommends doing the same.

...Disabling Autorun functionality can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a CD-ROM device, USB device, network shares, or other media containing a file system with an Autorun.inf file...

Microsoft Security Advisory (967940): Update for Windows Autorun
How to Maximize the Malware Protection of Your Removable Drives

Other related reading sources: • Finally, if you need to replace your anti-virus, firewall or need a reliable anti-malware scanner please refer to:
That being said, my own daughter was getting music from Limewire and couldn't understand why her computer kept getting infected. When I told her to stay off Limewire, her response was, "where else am I to get my music?" I mentioned she could "buy" the music, borrow it, or get it from the library. She won't listen!

As far as antivirus software, I am not a big fan of Norton. I have "cleaned" more computers that were running NAV than any other protection software. However, to be fair- Norton is pre-installed on so many computers it is bound to happen.

I have AVG Free, Malwarebytes, SUPERAntiSpyware, ATF Cleaner, and of course- Windows Defender installed on all (5) of my computers. I haven't had any problems with any of the computers even with 4 boys surfing who knows where.

I keep AVG current, Update and run Malwarebytes once a week, and run ATF and SAS once a month. This has worked for me.

One thing I cannot stress enough- keep all of your software up to date. This includes- Windows OS, Internet Explorer, Adobe, Java, and all of your antivirus protection. I recently was working on a computer that the owner referred to as, "a virus magnet". When I started poking around she only had Windows XP with SP2 and because of this had caught a nasty virus. I tried to clean the infection and installed SP3 and the computer completely died. Wouldn't boot up in safe mode or normal mode. At that point I just reloaded the computer.

There are some extremely smart people who donate their time to this website. I am not even in their class, but I am glad I could help you. Be sure to tell your friends if they have computer issues to use Bleeping Computer. This is the best website as far as I am concerned.


Thanks,
Golfdude

America is all about speed. Hot, nasty, badass speed. -Eleanor Roosevelt, 1936
Intel i7-3820, 32 GB DDR3-1600, Intel 330 SSD Boot Drive, WD 3TB Data Drive, Radeon HD7770 GHz Edition, Windows 10 Professional 64 Bit
 


#8 maggieo

maggieo
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 22 January 2010 - 11:29 PM

Hi and thanks, Golfdude, for all of this great information. My friend started using Spywareblaster - the free one.. I think it does some good stuff.. but, like what you do, you have to manually run updates and scans.. I have long been a norton (NIS, not NAV) user - and hater.. it dogs the system, every time I uninstall, something goes wrong.. on the other hand, I haven't gotten any of this malware stuff on these computers.. it is hard to tell where you might get "caught" by these things. Anyway, this is great info. Can I give you points or something for saving the day for me?? Not sure how this site works. And actually something I read on another site pointed me in the direction of network connectivity.. anyway, I would like to give you points, if that's how this site works.. and - to thank you ALL again.. I use this site often for help and downloads.
- Maggie

#9 golfdude

golfdude

  • Members
  • 219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ft Wayne, Indiana
  • Local time:10:44 PM

Posted 24 January 2010 - 05:46 AM

Maggieo,

No points on this website, but thanks for the offer.

I have used McAfee and Norton in the past and found them both to be heavy resource users. Not to mention, try removing the programs from a computer- completely :thumbsup: The only way you can do it is to download their software removal tool. And trying to find this tool on their website isn't easy. If you Google it you can find it. If you just go to their websites the removal tool isn't that easy to find.

Anyway, take care and safe surfing in the future.

Thanks,
Golfdude

America is all about speed. Hot, nasty, badass speed. -Eleanor Roosevelt, 1936
Intel i7-3820, 32 GB DDR3-1600, Intel 330 SSD Boot Drive, WD 3TB Data Drive, Radeon HD7770 GHz Edition, Windows 10 Professional 64 Bit
 


#10 maggieo

maggieo
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 25 January 2010 - 08:12 PM

Hi Golfdude - you are so right about McAfee and Norton being huge resource hogs.. supposedly the 2010 of NIS is not so bad.. I only have it on a desktop.. it's the laptops where you really feel the pain.. my laptops are running AVG and so far so good! but I will say that at my company we run the enterprise Symantec End Point and it blocks these "antivirus" malware things.. they come up and all we have to do is re-start.. so that's a good thing - and that's happened on mine too.. Maybe I've just been lucky.. My friends with just AVG and Spyware Terminator have gotten bit by this thing. So I guess I should run windows defender - even if I have NIS? I have seen that be a resource hog too sometimes, but if it helps, then that's what I need to do. Are you aware of the new Windows essential? I just found out about Spyware Blaster - which does some good stuff.. and it doesn't "run" you just run it, and I think you have to manually update the free version.. I will check out SAS - I have never heard of it.. but I have a couple of friends that keep getting infected.. I have the windows updates all set to auto, and I have their AVG updating (although I hadn't gotten my sister's up to AVG9). I TOTALLY always use bleepingcomputer when I have a problem or need a download etc. I did get pointed in the right direction by someone on Kioskea - which I had never even heard of! Thank god for you folks that write these programs that save me and all the computers I try to take care of!!!! Thanks again - Maggie

#11 golfdude

golfdude

  • Members
  • 219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ft Wayne, Indiana
  • Local time:10:44 PM

Posted 26 January 2010 - 07:56 AM

Maggie,

Just some FYI-

My friends computer that was infected last week with Internet Security 2010 was reinfected on Sunday with the same malware (IS 2010). The first time it was infected I was convinced it was the result of her software being out of date. When it was reinfected on Sunday- only 3 days after I gave it back to her- I wasn't sure why it was happening. She said when it happened she was on the Turbo Tax website using the free version to do her taxes. A chat window popped up and she clicked okay to accept it. Boom- IS 2010 is back on the computer.

I started a thread wondering if the computer was more susceptible of becoming reinfected similar to if a person gets pneumonia. Not to mention, I was really upset that AVG Free didn't stop the infection from happening. Quietman7 replied that it was most likely her error that caused it. Anyway, I asked him his opinion on free antivirus and firewall software and he recommended Avast. Since the Avg didn't work I removed it and installed the Avast Free addition. I was really impressed with the control panel and will be monitoring how it performs on her "virus magnet". If it can keep her machine clean I will probably switch all of my computers over to Avast.

I am not sure if you are familiar with the website- Cnet. It is a safe site and where I download (for free) a lot of the software I use. Just something to keep in mind.

Take care,
Tom

Thanks,
Golfdude

America is all about speed. Hot, nasty, badass speed. -Eleanor Roosevelt, 1936
Intel i7-3820, 32 GB DDR3-1600, Intel 330 SSD Boot Drive, WD 3TB Data Drive, Radeon HD7770 GHz Edition, Windows 10 Professional 64 Bit
 


#12 maggieo

maggieo
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 26 January 2010 - 09:28 PM

Hi Tom, I will definitely check out avast. I never can figure out how the anti-virus/malware software is supposed to stay ahead of the people making these problems.. Someone has to "get them" in order for someone to know how to stop them. Meantime, the people who write and keep malwarebytes up to date are the REAL geniuses! So interestingly, at my job today (I'm in IT) I had a guy get something called Security Tool, and it was totally on his PC.. Symantec did send us a "report" that is vaulted something, but this pc was definitely infected - not something just a reboot could cure.. I couldn't run the malwarebyes, even after renaming the exe, and I couldn't run task manager either. I went to safe mode as I was hoping to run malwarebytes there, and it offered me System Restore (which I thought we had turned off!) but I used it and it cleaned up the PC very well.. After that I Did run malwarebytes and it found and cleaned a few things.. However - I did also find that somehow this pc was only SP2.. not sure how it missed our "push" of SP3 - but it happens.. anyway, I just spent much time tonight doing the SP3 and then the subsequent bunch of windows update. I will look at Avast.. but I also agree with you - several of the pc's that I fix have become re-infected, while others never get infected, so you have to wonder if something's left over.. or what the user is doing.. the guy at work today had just been on a car rental site, for business travel - but who knows what he started clicking when he got the messages.. that was the first time I had seen "security tool.. The person we gave the Windows Essential to is good so far.. I haven't looked at that at all, but I will, and I'll look at the Avast.. It's sad there are people out there w/nothing better to do than mess up people's pc's. Keep in touch.. hopefully this thread can still be of value to others.. Thanks so much for all of your insight, etc.. The only way I can help all these people is by reading threads like this and using programs like malwarebytes and combofix etc.. Oh, I used one called VipreRescue the other day - when I was trying to get the PC that started this thread back online.. before it dawned on me that the first was long gone and there was just something mucked up in the internet connection.. altough the ViperRescue did supposedly find and clean some things.. I wasn't there so I didn't see it.. I had to get that pc cleaned by telling people what to do!
Otherwise, I am a HUGE fan of Logmein! Thanks again - and keep me posted on the Avast - Maggie

#13 golfdude

golfdude

  • Members
  • 219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ft Wayne, Indiana
  • Local time:10:44 PM

Posted 27 January 2010 - 08:32 AM

Maggie,

FYI- it's Vipre Rescue, not "Viper". Not sure why they spelled it that way. I have used it a couple of times with good results. I repair quite a few computers (technically not a side job since I am an unemployed accountant) and before going on housecalls I load one of my flash drives with current versions of several programs- including Vipre Rescue.

Also, be careful mentioning on BC that you run ComboFix:

When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.


I am sure you have been trained to use ComboFix, but the Staff at BC are very adamant that their supervision and direction is to be followed when using it. I have read threads where IT professionals will write in and mention they ran CF and will receive very nasty replies.

From what I have read, these Rogue antivirus programs have duped many people into purchasing their products. The really scary part of this is- you just gave your credit card information to thief's who could keep charging it over and over again. Many of these rogue antivirus "companies" are off shore and trying to locate them is impossible.

My biggest frustration is working on old slow computers. My brother in-laws' computer was badly infected so my wife dragged me up to his house a few weeks ago (he lives in a suburb outside of Detroit). A quick scan with MBAM took over an hour to run. He started asking me questions on how he could better protect his computer and I told him he should buy a new one. He asked how much that would cost and I told him he could buy something fairly cheap that would be a big improvement for around $700.00. He didn't think that was cheap, even though he is in management at Chrysler. My wife reminded me on the way home that just about all employees are scared to death they will lose their job because of the situation at Chrysler. I told her that the computer I have in the garage for playing music was faster than what he had! Anyway, working on old slow computers wears me down and it is something I have little patience for these days. Enough of my rant....

I will let you know how Avast works out.

Tom

Thanks,
Golfdude

America is all about speed. Hot, nasty, badass speed. -Eleanor Roosevelt, 1936
Intel i7-3820, 32 GB DDR3-1600, Intel 330 SSD Boot Drive, WD 3TB Data Drive, Radeon HD7770 GHz Edition, Windows 10 Professional 64 Bit
 


#14 maggieo

maggieo
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 27 January 2010 - 10:03 PM

So funny you talk about DOG slow computers.. I just stopped back by my desk to check a gir's pc I never helped before and it's going to take all night to put SP3 on it!! Oy Vey! Imagine how long the .net framework update will take after that! Her story is a little interesting.. she "sort of" got one of those antivirus things - I didn't see it.. another friend of mine went there and did add/remove programs and removed it and it was "appearingly" all gone. I did run a malwarebytes scan and it only found two things - of course we both know 1 thing can be terrible and 30 things can be nothing.. but anyway, this girl happens to have NIS 2009... so I was immediately disappointed that she "got" the virus - although I'm pretty sure she clicked on it- you know? and it sounded like someone told her something to use - but it's hard to figure out, but she said they kept asking for money and thankfully she didn't give her credit card.. phew! So.. there you have it re NIS - although, in many respects her pc didn't get hit that bad if just add/remove cleaned it up. Her NIS was up to date - but she never had SP3 on.. so that is taking forever.. yeah, even my desktop is slow-ish - but nothing like these doggy ones.. plus I leave mine on.. people come to their computer and turn it on and expect it to just be fast! I was looking at some laptops today for a guy who wanted to buy for his kids bday.. and pretty nice deals for 700-800.. and not bad for a little less.. I like the 9 cell on the laptops.. Meantime, I am NOT very good at this stuff. only at running the scans.. so I'm not great at combo fix.. I have used it from people like you who have told me what to "put in it" in the past, and I have just run it alone.. but I also killed a pc once by deleting something I shouldn't have.. Hijack this - forget it.. I have no clue.. the guys I work with are good at that stuff.. but I try not to have to ask them, although I just paid one of them to fix my friend's pc b/c I couldn't.. IE was hijacked.. and in the end, to fix it he just reset the hosts file.. something good to know.. so trust me - unless the ol' malwarebytes or something can fix a pc, I'm coming to you guys.. I do think the chrystler people are in trouble.. the whole country's in trouble and I blame the bank stuf and now they all want to give big bonuses again.. that is such bs.. of course I'm for obama, and this wasn't his mess.. but some of it goes back to my buddy clinton's days - deregulating some of the bank/financial house companies.. I used to work for Merrill Lynch - the only company I would ever get a pension from.. kiss that good bye! Guess I'll be working for a while.. What's your day job? anywy, I am going to try that avast on my laptop one of these days.. there are so many things to try.. we have no kids, but my sister has kids she's trying to keep track of on the internet - course then she buys one an i-touch - well, that was dumb!! it's been confiscated anyway! so I look at software for her for that and I might check out openDNS for web monitiroing.. it's supposed to be good.. but there is so much stuff out there.. anyway.. I'll check back in the am for that girl's SP 3 to be done.. I almost never get money for helping people, but I make them use logmein, so I can do it from my own house!!

#15 maggieo

maggieo
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 01 February 2010 - 09:21 PM

Hi Tom - Just reading over your comments.. thanks for the input and correction re Vipre Rescue - I had never heard of it before, but was struggling to fix a computer that couldn't connect to the internet and I was not "at" it.. so I found it - and it may have helped some - that computer has been infected a few times - so maybe it cleaned up some old stuff.. as you know the winsock (which I don't even understand) reset fixed it. phew! So on any given pc - how many things would you suggest people run.. like AVG (or maybe avast), Windows defender (do you find this slows down pc's? - I found that once or twice), and SAS? I have to try SAS! I have never tried it.. Anyway, now I'm having a fight with my own linksys G camera that won't work wirelessly on my new N router.. maybe I have to recycle the router as well as the camera.. so I have to close a few of my IE windows! Not sure if we're "allowed" to talk offline - if so, maybe you can throw me an email at maggie-o at comcast dot net.. otherwise, I'll just look for you here! I do always use BC when I'm in trouble - and that's fairly often in one direction or another!! I really want to thank you for all of your advice.. oh - do you ever use SDFix? I think I used it once long ago in a moment of desparation! Meantime, I am NOT an expert and actually I trashed an image by running malwarebytes over and over trying to get all the errors gone.. It was running fine too.. so it was pretty dumb.. I know it was an easy "do-over" though.. not usually the case! anyway, I hope you're someone warm where you can play golf.. not here in Mass where I am!! Hey, I have used some online accounting help forums.. do you do any of those? My husband is a sole practitioner attorney and I do the taxes.. so I'm often looking for info! Thanks again - Maggie




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users