My sister fell victim to scareware, clicking and downloading several malicious programs from the internet. This was over the course of about six months. She made me aware of the problem a couple of months ago, so I have been working on cleaning up the computer. I have tried everything in my knowledge.
Here are my problems:
1. I cannot connect to the internet with Internet Explorer v8.0.7600.16385 even though I am connected to a functioning home wireless LAN.
2. Before I uninstalled Mozilla Firefox (see point 6 below), ~10 advertisements disguised as search results would appear above normal Google search results (no, these were not the paid Google ads). After navigating to a site, advertisements would pop up, open new tabs, and slide out from the sides of pages.
3. The computer is sluggish and other programs are also having difficulty connecting to the internet (see below)
Here is what I have tried:
1. Removed the obviously malicious "virus removal" scareware programs that showed up in Programs and Features section of Control Panel. Ran Malwarebytes Anti-Malware. Results (Full Reports linked @ bottom):
3/7/14 Quick Scan: 1 Memory Process Detected, 23 Registry Keys Detected, 1 Registry Value Detected, 2 Registry Data Items Detected, 31 Folders Detected, 188 Files Detected.
4/30/14 Full Scan: 2 Registry Keys Detected, 2 Registry Values Detected, 3 Folders Detected, 31 Folders Detected,
After both scans, I deleted all quarantined objects.
2. Downloaded Microsoft Security Essentials. (The computer had an expired trial of Trend Micro, no other AV software)
3. Tried to ensure Windows Firewall was turned on. The only option in Control Panel/System and Security/Windows Firewall is "Use recommended settings" When I click the button, it says, "Windows Firewall can't change some of your settings. Error code: 0x80070424"
4. I was worried that the firewall was not working, so I downloaded ZoneAlarm Free Firewall v13.0.208. ZoneAlarm says that it is securring 211 programs and there have been 4 access attempts blocked.
5. Since I was still having the same problems, I downloaded Spybot v1.6.2. When I ran a scan on 5/2/14, I discovered several malicous programs (yes, this was after the two Mbam scans). I know there was adware, but I don't remember what other types because when I realized there was a new version (v2.3), I downloaded it and uninstalled v1.6.2-destroying the log. Spybot v2.3 was not able to connect to the internet to download the malware definitions, so I had to manually update it via a flash drive. 116 objects (mostly "tracking cookies") were removed with the v2.3 scan. I still was not able to connect to the internet.
6. I thought that Firefox might be the problem, so I removed it. Unfortunately, that did not fix the problem, so now I do not have anyway to access the internet (even though I can still connect to my home wireless LAN)
7. I tried installing Google Chrome via flash drive, but the installation process failed. The error message said that it could not connect to the internet and suggested whitelisting the program within firewalls. ZoneAlarm whitelisted the program automatically, but I was not able to access Windows Firewall settings (see step 4).
8. I have combed through the programs on the services and startup tabs in msconfig, looking up programs in the databases on this website to try to find malicious programs running in the background/starting during the boot process. (I stopped several services and startup programs, but cannot remember which ones).
9. Ran Internet Connection Troubleshooter to ensure that it was not an issue with the hardware (and not malware). However, the report blames the connection problem on an issue with the connection of my access point/modem to the internet. That is not correct because I am using the wireless network on my Lenovo Helix to submit this post. I tried a wired connection with an Ethernet cable and ran the troubleshooter with the same results.
I am out of ideas and the computer still runs slowly and will not connect to the internet even though it is connected to the same home wireless network that I am using to submit this post.
Here are the computer stats:
Toshiba Satellite A665
Windows 7 Home Premium 64-bit
Intel Core i3 CPU M 370 @ 2.40 GHz
RAM: 4.00 GB (3.80 GB Usable)
453 GB HDD (368 GB free)
Link to Reports from Malwarebytes Scans, Spybot Failed Update Attempts, Internet Connection Troubleshooting:
(I am new to Google drive, so let me know if you cannot access this link.
I am new to this website, so if I posted this under the wrong category, please move the post. To me, this seems like a malware issue, but to someone with more experience than me, this could be a networking issue.
I would appreciate any help!