Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

TCP/IP settings gone


  • Please log in to reply
7 replies to this topic

#1 mcassin

mcassin

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:51 PM

Posted 05 August 2010 - 03:50 PM

Had a virus/malware that was sending out mutiple e-mails,
Ran malware bytes it found a few and removed them rebooted connected back to the network still sending out spam
rebooted to safe mode ran combofix.exe
It found a few things I belive that it got rid of it rebooted into normal mode
the connections will connect to wireless and wired but there are no TCP/IP settings
Did clikc "repair" on both connections.

EDIT: Removed ComboFix log, this is not malware forum. If you have a malware issue, state such and I will put your log back and move you to the appropriate malware area ~ Hamluis.

Edited by hamluis, 05 August 2010 - 03:54 PM.


BC AdBot (Login to Remove)

 


#2 mcassin

mcassin
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:51 PM

Posted 05 August 2010 - 03:54 PM

update
I went into the device manager there was a ghost with a yellow exclaimaiton point for everyone of my network devices
tried to remove them it said it could not going to safe mode to take them all out to see what happens

#3 LeveledHead

LeveledHead

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Middle America
  • Local time:09:51 PM

Posted 05 August 2010 - 03:58 PM

Just to be clear, are we talking about

Posted Image

THIS TCPIP settings? If not, please specify.

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,248 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:51 PM

Posted 05 August 2010 - 04:03 PM

<<...there are no TCP/IP settings>>

What does that mean? What settings are you referring to, where are you looking?

Go to Control Panel/Network Connections...right-click on Local Connection. What's listed in that window? One of the listings should be TCP/IP.

Put the mouse on TCP/IP and click Properties. What is reflected as the chosen option? Both should reflect "obtain automatically".

Louis

#5 mcassin

mcassin
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:51 PM

Posted 05 August 2010 - 04:06 PM

No that was there but if you went into the connection itself to see the TCP/IP conection details it was blank. The same information that you get if you do an ipconfig. Good news is I fixed that by going to safemode removing all connections and going back to normal mode it seems it had winpkfilter driver's installed causing a little mess. bad news is as soon as I connect a cable to it BOOM it starts spamming e-mail again so back to the drawing board for me

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,248 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:51 PM

Posted 05 August 2010 - 04:06 PM

If you were looking in Device Manager...and you had yellow markings...you need to reinstall/install the drivers for each device which has a yellow marking.

Louis

#7 hamluis

hamluis

    Moderator


  • Moderator
  • 55,248 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:51 PM

Posted 05 August 2010 - 04:10 PM

Based on what you now state...it sounds to me as if your system is infected.

I will move you to our Am I Infected forum...please follow the guidance which is provided you there. If any logs are needed, personnel there will request them from you.

Louis

#8 mcassin

mcassin
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:51 PM

Posted 05 August 2010 - 04:14 PM

yea its infected still not sure with what but one of my users computers here have had it before. I will be on the phone tomorrow with blackhause to get us off the black list. I have a few other things to try if that does not work I will ask for help on here. Or just reimage the machine.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users