Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to Connect to Internet - Proxy Server Refusing Connections


  • Please log in to reply
15 replies to this topic

#1 newschick

newschick

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:47 AM

Posted 12 February 2015 - 05:32 PM

HP TouchSmart Windows 8 w/Norton 360 installed.

Unable to connect to internet, proxy server refusing connections, unable to change in internet options (will not save)

Shows user is admin, but won't let changes be made.

(I've found a wealth of help here before, and this time my boss needs help, so I am trying to help him out)

 

Found a thread on microsoft stating this could be a possible virus.

Advised to download Hitman, Spybot, Malwarebytes and AVG.

Was able to download Hitman and run from USB.  Found 33+ threats, and supposedly quarantined or deleted them.

Unable to scan with Spybot, because it said needed internet connection.

Scanned with Malwarebytes and found 1204 no malicious, and 2 malicious. Supposedly removed those as well.

 

Gen: Variant.Adware.Graftor.169592

HEUR: Trojan.Win32.Generic

Trojan.Generic.11651395

Troan.GenerickD.2082785

 

While running through these, Norton popped up something about Bloodhound.MalPE

 

I've told him he doesn't need Norton, but right now we don't know how to get rid of it.

 

Please let me know if you can help us out.  We will be available to post whatever is needed and proceed tomorrow. Thanks in advance!

 



BC AdBot (Login to Remove)

 


#2 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 12 February 2015 - 08:25 PM

Hello, newschick! Let's start with some important instructions:

  • Avoid installing or uninstalling programs during the malware removal process, because doing so can cause discrepancies between the information in different log files created by different programs at different times.
  • Do NOT run tools such as Combofix unless instructed by a BleepingComputer staff member. These tools can break your computer if used improperly, so you should only run them if you know what you are doing or if the person who told you to use Combofix knows what they're doing.
  • If you want to, you should back up all important documents and files to an external storage device or online file backup service. Malware infections--and attempts to fix them--can prevent your computer from booting up, making your files unaccessable; this means that backing up your files to an USB flash drive or to an online service like Dropbox before attempting to remove malware is a good idea.

Step 1: Rkill

 

  1. Please download Rkill by Grinler. Save it to your desktop.
  2. Run the program. If you are using Windows Vista, you should right click the program and select "Run as administrator".
  3. A Black DOS box should appear; this indicates that the program is functioning.
  4. The program will generate a log file on your desktop. Post the contents of that file in your next reply.
  5. Do not restart your computer until the other steps are finished.

 

Step 2: Please download MiniToolBox by Farbar, and save it to your desktop.

 

Run the program. Please select the following options:

 

  1. Flush DNS
  2. Report IE proxy settings
  3. Reset IE proxy settings
  4. Report FF proxy settings
  5. Reset FF proxy settings
  6. List content of Hosts
  7. List installed programs
  8. List restore points

After the program finishes its job, it will create a log file called "Result.txt" on your desktop. Post the contents of that file in your next reply.

 

Step 3: Run ESET online scanner

 

  1. Using Internet Explorer, navigate to http://www.eset.com/us/online-scanner-popup/ (If you used another web browser, such as Firefox, you will have to download an installer file)
  2. Read through the program's terms of use. If you agree with it, check the checkbox which confirms that you accepted the program's terms of use. If you do not agree with its terms of use, then notify me and I can find another virus cleaning solution for you.
  3. Accept any security warnings which may appear.
  4. Click on the advanced settings part, and select "Scan for potentially unsafe applications","remove found threats", and "Scan archives".
  5. Check "scan for potentially unwanted applications".
  6. Click "start".
  7. Eset will download updates and scan your computer; this may take a few minutes to a few hours.
  8. When the scan completes, click "list threats".
  9. Click "Export", and save the log file to your desktop.
  10. Post the contents of the log file to your next forum post. Please note that if ESET does not detect anything, it may not necessarily generate a log file.

Step 4: Please download AdwCleaner by Xplode, and save it to your desktop.

 

  1. Click on the "scan" button.
  2. The tool will scan your computer for adware; this may take a few minutes.
  3. After the scan has finished, click on the "Report" button. A logfile, AdwCleaner[R0].txt, will show.
  4. After viewing the log, close the log file window. View the list of adware detections, and uncheck ones that you do not want to remove(i.e. the ones which you're sure to be benign).
  5. Press the "Clean" button. You will be requested to restart your computer.
  6. After restarting your computer, a log file called AdwCleaner[S0].txt will show. Post the contents of that log file in your next reply.

Edited by jh1234l, 12 February 2015 - 08:25 PM.


#3 newschick

newschick
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:47 AM

Posted 13 February 2015 - 07:03 AM

Thank you.

 

I will have to download the programs to a flash drive and then run from there. If I can't get online, how will I run the ESET online scanner?

 

I was able to download the RKill to a flash drive. It looks like it didn't detect anything:

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/13/2015 08:50:02 AM in x64 mode.
Windows Version: Windows 8 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Step 2: I notice the MiniToolBox doesn't mention Windows 8 ??
But I attempted to download and place on flash drive; however, I am getting a message: Failed - Network error

 

Gateway Anti-Virus Alert

This request is blocked by the SonicWALL Gateway Anti-Virus Service. Name: MalAgent.H_1439 (Trojan)

 

It seems my office virus protection seems this is a trojan???  


Edited by newschick, 13 February 2015 - 09:13 AM.


#4 newschick

newschick
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:47 AM

Posted 13 February 2015 - 10:00 AM

 

Step 2: I notice the MiniToolBox doesn't mention Windows 8 ??
But I attempted to download and place on flash drive; however, I am getting a message: Failed - Network error

 

Gateway Anti-Virus Alert

This request is blocked by the SonicWALL Gateway Anti-Virus Service. Name: MalAgent.H_1439 (Trojan)

 

It seems my office virus protection seems this is a trojan???  

 

Does anyone have a link for this MiniToolBox download? Not sure why it is blocked, but it is. Is this a false positive?  Can't bypass the security measures at the office. Any other thoughts from anyone on how to get this on a flash drive?



#5 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 13 February 2015 - 06:40 PM

 

 

Step 2: I notice the MiniToolBox doesn't mention Windows 8 ??
But I attempted to download and place on flash drive; however, I am getting a message: Failed - Network error

 

Gateway Anti-Virus Alert

This request is blocked by the SonicWALL Gateway Anti-Virus Service. Name: MalAgent.H_1439 (Trojan)

 

It seems my office virus protection seems this is a trojan???  

 

Does anyone have a link for this MiniToolBox download? Not sure why it is blocked, but it is. Is this a false positive?  Can't bypass the security measures at the office. Any other thoughts from anyone on how to get this on a flash drive?

 

Minitoolbox is a safe application, so it is a false positive.

 

Let's try this instead:

 

Please download Netadapter Repair All In One By Conner Bernhard

  1. Click on "Advanced repair"
  2. Wait for the tool to run
  3. Tell me if the tool fixed the connection issues

 

After the tool runs, proceed with the previous instructions (skip minitoolbox)


Edited by jh1234l, 13 February 2015 - 06:41 PM.


#6 newschick

newschick
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:47 AM

Posted 13 February 2015 - 09:19 PM

The Netadapter repair didn't work. However, I didn't restart.  Should I restart?  If not, I am not on the office network now, so I could try and download the minitoolbox. It isn't recognizing the administator.


Edited by newschick, 13 February 2015 - 09:22 PM.


#7 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 13 February 2015 - 11:48 PM

Try restarting, then running minitoolbox.



#8 newschick

newschick
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:47 AM

Posted 14 February 2015 - 04:51 AM

Thank you.  I restarted and then ran minitoolbox.  I am still unable to connect to the internet.  I tired with IE and FF.  This is this message on IE:

 

The proxy server isn't responding:

  • Check your proxy settings, Go to Tools > Internet Options > Connections
  • If you are on a LAN, click LAN settings
  • Make sure your firewall settings aren't blocking your web access
  • Ask your system administrator

 

So, it is still the same issue.  When you open connections, there is a note at the bottom stating some settings are handled by the system administrator. The person logged in IS the administrator.

 

Could there still be a hidden virus? Settings?

Here are the results from minitoolbox.  There are lots of programs that were installed in an effort to fix this, but I also see lots of stuff that probably came with the computer, and then stuff that probably downloaded other programs when installed.  From what I could tell several of the initially identified viruses were from some type of coupon service.

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Hannah (administrator) on 14-02-2015 at 04:40:55
Running from "E:\Bert"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
 
 
=========================== Installed Programs ============================
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.5.5811 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Documentation (HKLM-x32\...\{DD27F8B0-BFDE-4188-89A0-BBF389FC367E}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 8.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Instant PC Optimizer 1.0.0.1 (HKLM-x32\...\Instant PC Optimizer) (Version: 1.0.0.1 - Instant PC Optimizer)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2857 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.9.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Klip Pal (HKLM\...\Klip Pal) (Version: 2014.10.08.232535 - Klip Pal)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.2.4.18506 - LeapFrog)
LeapFrog Connect (x32 Version: 5.2.4.18506 - LeapFrog) Hidden
LeapFrog LeapReader Plugin (x32 Version: 5.2.4.18512 - LeapFrog) Hidden
LeapFrog Tag Plugin (x32 Version: 5.1.26.18340 - LeapFrog) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapReader Plugin) (HKLM-x32\...\LeapReaderPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM-x32\...\TagPlugin) (Version: 5.1.26.18340 - LeapFrog)
Web Bar 2.0.5382.15320 (HKCU\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5382.15320 - Web Bar Media)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
========================= Restore Points ==================================
 
23-01-2015 19:35:03 Windows Update
26-01-2015 22:38:31 Removed GeekBuddy.
12-02-2015 18:46:30 HPSF Applying updates
 
**** End of log ****


#9 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 14 February 2015 - 11:36 AM

:step1: Please uninstall:

  1. Instant PC Optimizer
  2. Klip Pal
  3. McAfee security scan
     

:step2: Please check your internet settings

  • Open Internet Explorer
  • Go to Tools > Internet Options > Connections
  • If you are on a LAN, click LAN settings
  • Make sure your firewall settings aren't blocking your web access


#10 newschick

newschick
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:47 AM

Posted 14 February 2015 - 02:22 PM

 

:step1: Please uninstall:

  1. Instant PC Optimizer
  2. Klip Pal
  3. McAfee security scan
     

:step2: Please check your internet settings

  • Open Internet Explorer
  • Go to Tools > Internet Options > Connections
  • If you are on a LAN, click LAN settings
  • Make sure your firewall settings aren't blocking your web access

 

Uninstalled those programs. The KlipPal said it was already uninstalled, so it asked me if I wanted to remove from the list and I said yes.

 

I am currently in the internet options, connections.  I have no idea if I am on a LAN.  I am trying to wirelessly connect.  I can uncheck the "use proxy server" , "bypass proxy server for local address", or I can choose advanced, and view the proxy addresses and ports.

 

There option to automatically detect settings is checked, and the use automatic configuration script is not checked.

 

This is also the same section that says "some settings are managed by your system administrator".  Again, I don't think it is recognizing the admin.

 

I also think the Norton might be blocking ports and/or being doing something with the firewall.  Should that be uninstalled as well?

 

I am so sorry, but I am so lost on what to do here.


Edited by newschick, 14 February 2015 - 02:27 PM.


#11 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 14 February 2015 - 07:59 PM

Can you uncheck the "use proxy server" option, and try to connect to the internet?



#12 newschick

newschick
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:47 AM

Posted 14 February 2015 - 08:05 PM

Can you uncheck the "use proxy server" option, and try to connect to the internet?

Unfortunately, it won't stay unchecked.  That's been the trouble all along.



#13 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 15 February 2015 - 01:05 PM

Let's try using system restore.

 

  1. Boot into an administrator account.
  2. Open the Control Panel.
  3. In the search box, type "recovery".
  4. Click "open system restore".
  5. Restore to the restore point 26-01-2015 22:38:31 Removed GeekBuddy.


#14 newschick

newschick
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:47 AM

Posted 15 February 2015 - 03:49 PM

I have completed this, but it is still doing the same thing.  Of course, uninstalled programs are back now. Norton's just popped up stating it stopped something too ........... does this allow the viruses that were removed to be back? Should I try and start over at the beginning of the instructions now?


Edited by newschick, 15 February 2015 - 04:03 PM.


#15 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:47 PM

Posted 15 February 2015 - 10:58 PM

Well, it appears to be nearly impossible to fix your network connection using the tools which we are allowed to use on this forum. I recommend you to post a new topic in the Malware Removal Logs forum for a more thorough look by a professional tech expert.

 

Please follow the preparation guide for posting in the Malware Removal Logs forum, and post a new topic called "Virus changes network connection settings". Make sure to include a link back to this forum topic, so that BleepingComputer staff members can see the logs posted here.






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users