Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help with interentport3.exe virus please!


  • This topic is locked This topic is locked
12 replies to this topic

#1 zachfile0818

zachfile0818

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 14 August 2014 - 04:30 PM

It is making it so I cant go online without going into settings and going no proxy. Also slowing my laptop down. Any help is appreciated. Thanks!

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:10 AM

Posted 19 August 2014 - 08:35 AM

Hello, Welcome to BleepingComputer.

I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
If this is the cause of your proxy problems.

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: http=127.0.0.1:8877;https=127.0.0.1:8877

 
 
In Internet Explorer go to Tools - Internet Options - Connections Tab - Lan Settings and remove the reference to 127.0.0.1:8877 if found, then uncheck "Use a proxy server" and check "Automatically detect settings".
===
 
If you use Firefox in Tools Menu > Options... > Advanced Tab > Network Tab > Connection > Settings. Select the Auto-detect proxy settings for this network option. Or no proxy if you do not need it.
===
 
Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
Winlogon\Notify\igfxcui: igfxdev.dll [X]
SearchScopes: HKLM-x32 - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm423^YYA^us&si=49588&ptb=98E475BF-EFD9-4612-86C9-210E183B26E9&ind=2014011115&n=780b5eeb&psa=&st=sb&searchfor={searchTerms}
BHO-x32: DownloadTerms -> {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} -> C:\Users\Drew\AppData\Local\DownloadTerms\temp.dat No File
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]
 
End
 
Save the files as fixlist.txt into the same folder as FRST
 
Run FRST and click Fix only once and wait.
 
Restart the computer normally to reset the registry.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
===
 
Please download AdwCleaner by Xplode onto your Desktop.
  •  
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the  Scan  button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
 
IMPORTANT
 
  •  
  • If you click the Clean button all items listed in the report will be removed.
 
 
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
 
  •  
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the  Scan  button and wait for the process to complete.
  • Uncheck the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
 
====
 
Please post the logs and let me know if the problem persists.


#3 zachfile0818

zachfile0818
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 21 August 2014 - 09:24 PM

Here they are. Thanks!

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:10 AM

Posted 22 August 2014 - 07:51 AM

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  • p.s.
    If the SecurityCheck program fails to run for any reason, run it as an Administrator.
     
    If the site is busy or not available use this mirror site:
    ===
     
    How is the computer running now?


    #5 zachfile0818

    zachfile0818
    • Topic Starter

    • Members
    • 5 posts
    • OFFLINE
    •  
    • Local time:01:10 AM

    Posted 22 August 2014 - 08:21 AM

    My Internet won't ever run at all now. Not even in "no proxy" mode. So I'm not sure how to fix anything!

    #6 nasdaq

    nasdaq

    • Malware Response Team
    • 39,559 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Montreal, QC. Canada
    • Local time:04:10 AM

    Posted 22 August 2014 - 01:15 PM

     
    Click the StartBtn.gif button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.
     
    at the cursor type:
    ipconfig /flushdns <-- (A space between g and / is needed)
     
    ipconfig /release
     
    repeat with
    ipconfig /renew
     
    Then hit Enter, type Exit, hit  the Enter key.
     
    You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
    <<<>>>
     
    If using a router execute this.
     
    How to Reset a Router Back to the Factory Default Settings
     
    Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)
     
    ===
     
    Reset for Linksys, Netgear, D-Link and Belkin Routers
     
    How to Secure Your Wireless Router
     


    #7 nasdaq

    nasdaq

    • Malware Response Team
    • 39,559 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Montreal, QC. Canada
    • Local time:04:10 AM

    Posted 28 August 2014 - 07:41 AM

    Are you still with me?

    #8 zachfile0818

    zachfile0818
    • Topic Starter

    • Members
    • 5 posts
    • OFFLINE
    •  
    • Local time:01:10 AM

    Posted 02 September 2014 - 08:23 PM

    Sorry for the delay, I've been on vacation. It worked for about a day, now the Internet is not again. Not sure what it is. It says something about the Internet not excepting the proxy again.

    #9 nasdaq

    nasdaq

    • Malware Response Team
    • 39,559 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Montreal, QC. Canada
    • Local time:04:10 AM

    Posted 03 September 2014 - 08:17 AM

    From the Start > run box execute REGEDIT.EXE

    This will open the Registry.

    Navigat to this key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings


    If and only if the ProxySettingsPerUser key is set to 0x0000000000 (0) create and run the .bat file suggested below.
    [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxySettingsPerUser"= 0x0000000000 (0)
    ===

    ; Purpose: Remove traces in the registry.
    ;
    ; Instructions: Copy and paste this text IN BOLD into a text editor such as Notepad.
    ;
    ; Save this text as Fix.reg. Make sure the "Save as type:" is "All Files (*.*)" and save it to your desktop.

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxySettingsPerUser"=-



    ; Double-click on Fix.reg. When it asks you to merge the information to the registry click Yes.

    On a Vista or Windows 7 operating system, right click the Fix.reg and run as Administrator.

    Restart the computer normally.

    Delete the Fix.reg file when done.

    If necessary execute this again.

    Open the StartBtn.gif > run box and type cmd and hit OK
    type
    ipconfig /flushdns <-- (The space between g and / is needed) press the Enter key.

    Repeat with:
    ipconfig /release

    Repeat with:
    ipconfig /renew

    Then type Exit, hit the Enter key
    */*

    How is the computer running now?

    #10 zachfile0818

    zachfile0818
    • Topic Starter

    • Members
    • 5 posts
    • OFFLINE
    •  
    • Local time:01:10 AM

    Posted 04 September 2014 - 03:34 PM

    So when I get here: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings the only thing it opens is a folder called cache and that won't let me open it. It appears empty.

    #11 nasdaq

    nasdaq

    • Malware Response Team
    • 39,559 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Montreal, QC. Canada
    • Local time:04:10 AM

    Posted 05 September 2014 - 08:00 AM

    So when I get here: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings the only thing it opens is a folder called cache and that won't let me open it. It appears empty.

    That key does not exist.
    ===

    Remove the proxy settings.

    In Internet Explorer go to Tools - Internet Options - Connections Tab - Lan Settings and remove the reference to 127.0.0.1:XXXX if found, then uncheck "Use a proxy server" and check "Automatically detect settings".
    ===

    If you use Firefox in Tools Menu > Options... > Advanced Tab > Network Tab > Connection > Settings. Select the Auto-detect proxy settings for this network option. Or no proxy if you do not need it.
    ===

    If that fails to solve the issue continue.

    Following steps involve registry editing. Please create new restore point before proceeding!!!
    How to:
    XP - http://support.microsoft.com/kb/948247
    Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
    Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

    Download this program to your desktop.
    Tweaking.com - Windows Repair
    http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


    Extract and launch the Repair_Windows.exe file

    Click on Start repairs tab-click on Start

    check mark the following option only.
    15 - Repair Proxy Settings
    ===

    01 - Reset Registry Permissions
    02 - Reset File Permissions
    03 - Reset Service permissions
    04 - Register System Files
    05 - Repair WMI
    06 - Repair Windows Firewall
    07 - Repair Internet Explorer
    08 - Repair MDAC & MS Jet
    09 - Repair Hosts File
    10 - Remove Policies Set By Infections
    11 - Repair Start menu icons Removed by Infections
    12 - Repair Icons
    13 - Repair Winsock & DNS Cache
    14 - Remove Temp Files
    15 - Repair Proxy Settings
    16 - Unhide Non System Files
    17 - Repair Windows Updates
    18 - Repair CD/DVD Missing/Not Working
    19 - Repair Volume Shawdow Volume Copy Service
    20 - Repair Windows Sidebar / Gadgets
    21 - Repair MSI (Windows Installer)
    22 - Repair Windows Snipping Tool
    23 - Repair File Associatesions
    24 - Repair Windows Safe Mode
    25 - Repair Print Spooler
    26 - Restore Important Windows Services
    27 - Set Windows Services to Default Startup
    28 - Repair Windows 8 App Store
    29 - Repair Windows 8 Component Store
    30 - Repair Windows 8 COM+ Unmarsharler
    • Checkmark Restart System When Finished option
    • click the Start button
    • System should restart after repair
    How is it now?

    #12 nasdaq

    nasdaq

    • Malware Response Team
    • 39,559 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Montreal, QC. Canada
    • Local time:04:10 AM

    Posted 09 September 2014 - 09:01 AM

    Are you still with me?

    #13 nasdaq

    nasdaq

    • Malware Response Team
    • 39,559 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Montreal, QC. Canada
    • Local time:04:10 AM

    Posted 15 September 2014 - 08:06 AM

    Due to the lack of feedback, this topic is now closed.

    In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

    Please include a link to your topic in the Private Message. Thank you.




    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users