Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Security settings change by themselves, then internet slows to a halt


  • Please log in to reply
21 replies to this topic

#1 integrityconsulting

integrityconsulting

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 24 November 2014 - 09:42 PM

Title says it all.

 

I've seen others on the forum with the same basic issue, but they all have different instructions so am not sure what will or won't work for my situation.

 

Thanks in advance for the help.



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,302 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:56 PM

Posted 25 November 2014 - 10:58 AM

If may help...if we knew what security settings...how they changed...what the effect on the system was...and such other pertinent details for your situation.

 

Louis



#3 integrityconsulting

integrityconsulting
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 25 November 2014 - 01:19 PM

Hi Louis,

Under Security Settings it:

Removes the check mark on Enable Protected Mode

Changes setting for “Websites in less privileged web content zone can navigate…” from Disable to Enable

Changes setting for “File Download” from enable to disable

For my web based Hotmail account it changes Microsoft Outlook from Invisible to Available

 

I notice something is wrong because things slow waaay down and then nothing works.


Edited by integrityconsulting, 25 November 2014 - 01:23 PM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,302 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:56 PM

Posted 25 November 2014 - 02:19 PM

Moved topic to Am I Infected forum.

 

Louis



#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:07:56 PM

Posted 25 November 2014 - 02:23 PM

Please run Malwarebytes AntiMalware
 
Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
malwarerun_zps9abd4ef1.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.
 
 

Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
 
Click on Continue.
 
tdss5_zps98fc5887.png
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.
 
Note:  The log may be very long.  You may need to break it into parts to post the whole log.
 
 

Please download and install Emsisoft.
 
1.  When Emsisoft opens click on Update.
 
emsisoft6_zpsace019ac.png
 
2.  Click on Full Scan.
 
emsisoft7_zps9186dacd.png
 
3.  After the scan has completed the results will be displayed.  Make sure there is a check in the box of each item found, then click on Quarantine.
 
emsisoft9_zpsf493a30a.png
 
4.  After the items have been quarantined click on OK.
 
emsisoft10_zpscd89d5de.png
 
5.  After the quarantine has been completed click on Logs.
 
emsisoft11_zps7f976399.png
 
6.  Click on Export and save the log to a location which you will be able to find and open.  Open the log, copy and then paste the log in your topic.
 
emsisoft12_zpsb7365391.png
 

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 integrityconsulting

integrityconsulting
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 25 November 2014 - 02:36 PM

Okay, I've done Malware Bytes a few times over the last few days.

Will tackle the rest this evening and get back to you.

Thanks very much for the guidance!



#7 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:07:56 PM

Posted 26 November 2014 - 10:03 AM

Please post the Malwarebytes log which found items.

 

To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log toQuarantined Items.  Copy and paste this in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 integrityconsulting

integrityconsulting
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 26 November 2014 - 08:44 PM

Arachibutyrophobia,

 

Malwarebytes Anti-Malware keeps popping up a box that says:  Malicious Website Blocked C:\Windows\SvsWoW64\dllhost.exe

 

here's the part of the log you requested:

 

Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
===============================================================
END OF FILE



#9 integrityconsulting

integrityconsulting
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 26 November 2014 - 11:27 PM

I'm at the point where the computer will not allow me to download the other items.



#10 integrityconsulting

integrityconsulting
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 27 November 2014 - 05:06 AM

Am definitely unable to use any program or even download any program that has been suggested.  My research shows the issue, at a minimum, seems to be Poweliks.

Also unable to get laptop to recognize thumb drive so i can download the programs from one laptop over to mine.  thumb drive doesn't show up anywhere to allow me to download the programs.



#11 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:07:56 PM

Posted 27 November 2014 - 10:59 AM

What operating system are you running?

 

If you are not running Windows 8/8.1 try booting into Safe Mode with Networking and see if you can download from there.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#12 integrityconsulting

integrityconsulting
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 27 November 2014 - 02:54 PM

Yes, tried that. Same results. Iexplore.exe *32 takes over iexplore.exe and blocks ability to do anything. Am not sure what to do next.

#13 integrityconsulting

integrityconsulting
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 27 November 2014 - 03:10 PM

Getting
windows security warning
windows found that this file is potentially harmful.
to help protect your computer. Windows has blocked access to this file
name : msert.exe

#14 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:07:56 PM

Posted 28 November 2014 - 10:08 AM

Please answer my question, what operating system are you running?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#15 integrityconsulting

integrityconsulting
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 28 November 2014 - 11:33 AM

Windows 7






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users